News and Resources

Chief Risk Officer

In this section

Chief Risk Officer 

Level: SES1

The Chief Risk Officer (CRO) plays an important leadership role within the organisation by providing a foundation upon which to support ARPC’s risk framework and to support risk in the executive teams across ARPC through business risk partnering. The CRO works closely with the senior executive team to identify, measure and evaluate current, emerging and future risks.

The CRO establishes people, processes and systems strategies which influence the risk culture within ARPC. The CRO is expected to work closely with the Board, Senior Executive, employees, and other stakeholders to ensure that ARPC has a robust and effective risk management framework that aligns with our corporate plan and legislative and regulatory obligations.

Key Accountabilities

  • Role model ARPC’s Values and Code of Conduct and capabilities set out in ARPC’s Capability Framework

Strategic policy and framework

  • Design and implement a fit-for-purpose risk management strategy, policies, and procedures within ARPC.
  • Ensue that roles and responsibilities for risk management are clearly understood across ARPC and they align with delegations.
  • Develop a vision for risk management which supports ARPC to achieve strategic business goals whilst appropriately managing current, emerging, and future risks.
  • Establish appropriate risk policy and frameworks, including management framework, risk appetite and tolerance statement, risk register, risk related policies, procedures, and control frameworks.
  • Provide strategic risk advice, including current and emerging risks, to the ARPC Board, Board Committees and the ARPC Senior Executive Team
  • Contribute strategic thinking on risk management as part of corporate planning and reporting processes and oversee actions to build organisational capability to appropriately manage risk.
  • Ensure compliance to risk management obligations in the PGPA Act and, where relevant, best practice informed by APRA guidelines for risk management.
  • Monitor and report on ARPC’s risk profile and risk appetite.
  • Provide advice and guidance on risk-related issues and opportunities to the executive team and ARPC Board.
  • Support the newly created ARPC Board Risk Committee through appropriate reporting and documentation (in-progress).

Risk management

  • Develop appropriate external risk reports.
  • Support the development of risk appetite and tolerance.
  • Ensure the data within ARPC to assess risks is fit-for-purpose.
  • Ensure the Executive Team has a comprehensive understanding of the whole of entity risk profile.
  • Embed the risk framework into ARPC’s business operations.
  • Oversight the risk framework.
  • Provide oversight of the systems and controls, noting risks are owned by the respective business areas.
  • Oversee enterprise level analysis and reporting on the risk profile and risks for the ARPC Senior Executive Team, Board and Board Committees

Risk culture

  • Measure and report on the risk culture within ARPC
  • Implement and ensure the use of a common risk language within ARPC.
  • Facilitate and promote an environment where informed risk-based decision making can occur.
  • Establish frameworks processes which enable the creation of an appropriate risk culture within the organisation.
  • Establish risk culture within ARPC to reflect the sensitivities and complexities of government and relationships with ministers and stakeholders.
  • Exemplify and model integrity, ethics, values, and the desired cultural behaviours.
  • Bring an innovative, holistic, and objective lens to decision-making conversations.
  • Establish programs of work which serve to develop the capability of the organisation to be able to harness opportunities through effective risk management.

Risk training

  • Identify and implement appropriate training and awareness programs to build the capability of officials to appropriately manage risk.

Business continuity (including Agency Security Advisor responsibility)

  • Lead the strategic response planning to provide assurance that ARPC is able to effectively respond before, during and after an incident or crisis (such as a pandemic, IT outage, physical premises interruption) which may impact ARPC’s business operations.
  • Oversight the regulatory responsibility of Agency Security Advisor to be led within the Risk team. These responsibilities, detailed in the ‘Key Legislative / Regulatory Role Responsibilities’ section, include strategic planning for protective security matters in compliance with the law and Australian Government policies.

Functional leadership

  • Empower and enable the Risk team to design and deliver strategic risk management plans which support ARPC to achieve its strategic priorities.
  • Lead small teams of professional employees (in accordance with ARPC’s Capability Framework) and manage end to end employee matters such as recruitment, performance management and development.
  • Establish and maintain a culture of high engagement and performance, with a focus on continuous improvement.

As a member of the Senior Leadership Team

  • Develop and maintain a commercial understanding of the markets in which ARPC operates in order to contribute to short, medium, and long-term business planning and development.
  • Identify immediate and forward-looking opportunities and risks impacting the business and recommend actions which mitigate risks and/or seize opportunities.
  • Develop and maintain a commercial understanding of the markets in which ARPC operates to inform short, medium, and long-term business planning and development.
  • Lead the development of frameworks to measure the effectiveness of ARPC’s strategic objectives.
  • Support the CEO in execution of corporate strategies.
  • In accordance with the Business Continuity Management Procedure, as part of the response team, contribute to the organisational response.
  • Contribute to overall leadership and management of the Corporation to achieve its strategic objectives.
  • Contribute to the identification of business process improvement opportunities.

For enquiries or to apply for this position:

Contact either our Executive Search partner Jonathan Harper or Audrey Tamburini at Omera Partners:

Email: [email protected] | Telephone: (03) 9948 2135

Or the ARPC careers team at:

Email: [email protected] | Telephone: (02) 8223 6777

The close date for enquiries or applications for this position is 5 PM, Wednesday 1st May 2024.



Insurer customer logins to ARPC

Terrorism Insurer Portal (RISe)

RISe is ARPC’s Terrorism Reinsurance Pool (terrorism pool) insurer customer portal, which allows terrorism pool insurer customers to lodge their company information in a secure and user-friendly environment.

Cyclone Insurer Portal (PACE)

PACE is ARPC’s Cyclone Reinsurance Pool (cyclone pool) insurer customer portal, which allows cyclone pool insurer customers to lodge their company information in a secure and user-friendly environment.