Risk Management Plan


Optional (see Notes section below)


Resource Management Guide 211 – Implementing the Commonwealth Risk Management Policy – Guidance at: https://www.finance.gov.au/government/managing-commonwealth-resources/implementing-commonwealth-risk-management-policy-rmg-211

Legislation / Policy
Legislation / Policy contact
Additional information

The Commonwealth Risk Management Policy was released on 1 July 2014. This policy supports the Public Governance, Performance and Accountability Act 2013 (PGPA Act), which requires accountable authorities of entities to establish and maintain appropriate systems and internal controls for the oversight and management of risk. 

The Commonwealth Risk Management Policy is supported by Resource Management Guide 211 – Implementing the Commonwealth Risk Management Policy – Guidance (RMG211).  Inclusion of this clause when appropriate supports entities to meet Element 7 of RMG211 – Understanding and managing shared risk.

This clause requires the Supplier to prepare and submit a Risk Management Plan to the Customer for review. The Supplier is required to annually update the Risk Management Plan to ensure it remains relevant. This update may need to occur more regularly depending on the nature and severity of the risks faced or in response to changes to the risks or operating context. The clause identifies the more common aspects that would be expected to be covered in a Risk Management Plan.


Risk Management Plan

X.1    The Supplier will prepare a Risk Management Plan in relation to the performance of this Contract. The Supplier will submit the Risk Management Plan to the Customer within 10 business days of the Contract Start Date for review.

X.2    The Risk Management Plan should at a minimum detail the:

  1. risk assessment process including risk identification, risk rating methodology, consequence ratings, methods for risk treatment/control; risk monitoring and consultation undertaken;
  2. requirements for developing and maintaining a risk register to record and review risks related to the Contract; and
  3. risk management processes including who within the Supplier’s organisation will be responsible for management and reporting of the relevant risks.

X.3    The Customer may suggest amendments to the Risk Management Plan, and the Supplier will promptly make any amendments required by the Customer and promptly resubmit the revised Risk Management Plan to the Customer for its further review.

X.4    The Supplier must comply with the Risk Management Plan in its performance of this Contract. For the avoidance of doubt, nothing in this clause derogates from the Supplier’s other obligations arising under this Contract or otherwise in relation to the provision of the Goods and/or Services.

X.5    The Supplier will review and if appropriate, update the Risk Management Plan no less frequently than every six months during the Contract Term to ensure that it remains relevant.  The Supplier will promptly provide a copy of each updated Risk Management Plan to the Customer.


While use of this clause is optional, longer term and/or higher risk contracts often include a clause of this type.

Standardisation of contractual text results in efficiencies for both Parties to a contract. Before deciding whether a particular clause is appropriate, procurement officials should carefully consider the context of their procurement.

Clause wording would generally need to be changed where particular activities are being carried out under the Contract that raise more complex risks that may warrant more robust risk management provisions and subject matter expertise, or where the Customer proposes to work more closely with the Supplier in relation to risk management.

Care should be taken to avoid the Customer indirectly taking on additional responsibility for the Supplier’s management of risk and performance of Contract.

Otherwise, where this clause is included, the clause wording should be used without change.

Terms that are capitalised may need to be changed to align with the Contract terminology.

Did you find this content useful?