Particular events that can impact on public entities may be internal or external and may involve:

  • a breach of legislation, such as the Corporations Act 2001 or the Occupational Health and Safety Act 2004;
  • changes to key policy or personnel;
  • an unplanned event that causes the death of, or significant harm to, employees, clients or the public; or
  • an event that shuts down business, disrupts operations, causes physical or environmental damage or threatens the entity’s finances.

In all cases, the reputation of the entity and the board, and therefore the reputation of government may be at risk.

These events do not generally happen often enough in most public entities to engender strong corporate knowledge of how to manage them.

This section of the guide has been developed based on recent public entity experiences of these types of events. It provides background information and checklists to support incoming CEOs and their staff to plan ahead and provides particular detail on responding to:

  • external scrutiny and investigation;
  • changes to policy or personnel; and
  • what actions will be taken.

General Principles

There are some general principles which underpin good management of any significant event. Most importantly prior planning is essential, so that unexpected significant events can be managed from the outset.

Planning for significant events involves defining:

  • how significant events will be identified; and
  • what actions will be taken.

Clear procedures need to be in place to provide for communication of issues to the board, government and relevant stakeholders. Those issues that require the board and government to be notified should be clearly defined and a communication plan should be developed.

Questions to Consider

Issue Question
effective communication has the board been informed? are there established protocols for ongoing information flow?
has the minister’s office been informed? are there established protocols for ongoing information flow?
has the portfolio department been informed? are there established protocols for ongoing information flow?
have relevant stakeholders been informed? are there established protocols for ongoing information flow?
are issues and developments being documented for future reference and evaluation?
media management is the media involved? who is the designated spokeperson for the public entity? (e.g. the CEO, the chair, the media manager)
resourcing does a focused committee need to be established to manage the issues?
does the entity have the right skills and capabilities to manage the issue over the short term? should additional expertise be engaged?

External Scrutiny and Investigation

CEOs are responsible for instilling a culture of high standards of integrity, performance and accountability in the entity. Effective leadership and an ethical, responsive and high performing work-based culture are the most effective mechanisms for safeguarding against failures of performance, integrity and accountability.

Public entities undertake their roles in an environment of intense public scrutiny. Boards, CEOs and their staff are held to account by their portfolio department and minister. In addition, they can be subject to external scrutiny and investigation by agents of government such as the Auditor-General, the Ombudsman, portfolio-specific regulators and integrity bodies, as well as committees of parliament, the opposition, clients, stakeholders and the media. External scrutiny may centre on the public entity’s compliance with specific legislative obligations (e.g. the Financial Management Act) or with more general standards of integrity, service delivery and performance.

Public entities need clear operating procedures for managing external scrutiny. Boards, CEOs and their staff may be subject to coercive powers and requirements to assist investigations.

CEOs and their entities should also prioritise the establishment of respectful and collaborative working relationships with all integrity bodies, including both portfolio-specific integrity bodies and those with a broader mandate, such as the Ombudsman and Auditor-General. This will support the entity to maintain an awareness of the potential integrity issues and develop solutions to address them.

Integrity bodies1

The Auditor-General

The Auditor-General undertakes two types of audits:

  • financial audits – providing assurance to parliament and the community that the information contained in the financial statements of public entities is presented fairly in accordance with Australian accounting standards and applicable legislation.
  • performance audits – evaluating whether a government organisation or program is achieving its objectives effectively, economically and efficiently, and in compliance with all relevant legislation. Performance audits extend beyond the examination of financial affairs and transactions to encompass wider management issues.

Reports of audits highlight issues of importance to parliament and the government, and contain suggestions to improve the management of organisations and increase their operational effectiveness.

The Auditor-General has broad powers under the Audit Act to access information necessary to perform duties under the Act. Public entities are required to cooperate fully with any audit.

Public entities are provided with an opportunity to comment on draft reports of performance audits. All Auditor-General reports are confidential until they are provided to parliament.

CEOs should ensure that they are familiar with the findings of past audit reports to ensure the findings and recommendations made by the Auditor-General are reflected in the entity’s policies and procedures.

The Auditor-General publishes a plan of future audits. CEOs should ensure that they are aware of future audit areas.

The Ombudsman

The Ombudsman is the principal officer charged with reviewing administrative actions in the Victorian public sector. The Ombudsman may investigate administrative actions taken by public entities, government departments, or by any member of staff of a municipal council. The Ombudsman may conduct an investigation as a consequence of a complaint, on his or her ‘own motion’, or in response to a reference from a House or committee of parliament.

The Ombudsman has broad powers to conduct investigations, including the power to enter public premises, summons witnesses and compel witnesses to give evidence. The Ombudsman reports directly to parliament and produces an annual report for the parliament along with reports on key investigations throughout the year.

It is a criminal offence to:

  • wilfully obstruct, hinder or resist the Ombudsman;
  • refuse or wilfully fail to comply with his lawful requirements;
  • fail to attend or produce any documents when summonsed; or
  • wilfully make a false or misleading statement.

When an investigation is finalised, the Ombudsman has a number of options:

  • present the report to parliament;
  • provide a report to the relevant agency; or
  • release all or parts of the report.

The Ombudsman’s office offers a number of workshops to provide practical knowledge on good practice principles of complaint handling.


In addition to the Auditor-General and Ombudsman, there are a number of public bodies in Victoria that have a role in monitoring, investigating or reporting on standards of integrity, accountability and transparency in the public sector. These bodies include:

  • Victorian Public Sector Commission – may undertake a special inquiry, systems review or special review into management systems, structures or processes in a public service body or public entity.
  • Director of Public Prosecutions – prosecutes on behalf of the Crown in the High Court, the Supreme Court of Victoria and the County Court of Victoria all indictable offences under the laws of the State of Victoria.
  • Victorian Public Sector Commissioner – may require public entity heads to provide information relating to the application of the public sector values, the public sector employment principles, codes of conduct and standards.
  • Office of the Victorian Privacy Commissioner – regulates the way Victorian Government agencies and local councils collect and handle personal information.
  • Victorian Equal Opportunity and Human Rights Commission – helps resolve complaints about human rights violations and various discrimination laws.
  • Victoria Police – provides police services to the Victorian community. Victoria Police should be contacted to investigate any allegation of assault or sexual assault in the workplace.

There are also a number of other regulators and portfolio-specific integrity bodies that may hold departments and public entities to account for their actions or inactions. One such example is the Health Services Commissioner, who works to resolve complaints from users of health services about health service providers.

In addition to these integrity bodies, the government has announced its intention to establish an independent broad-based anti-corruption commission. The new commission will have access to a full range of anti-corruption investigative powers and have jurisdiction over all members of the government, judiciary, local government, parliament, the public service and the public sector.

Questions to Consider

Issue Question
complaints handling is there a systematic approach to recording complaints and outcomes?
are sufficient resources allocated to allow an analysis of aggregated complaint data and identification of recurring or system-wide problems?
are findings from complaint data used to improve services?
integrity body findings have findings and recommendations from audits / reviews or advice from integrity bodies been taken into account?

Protected Disclosures

The Independent Broad-Based Anti-Corruption Commission (IBAC) currently coordinates and manages protected disclosures under the Protected Disclosures Act 2012. For more information, visit IBAC.


All public entities are subject to regulation. This includes regulatory bodies themselves. Regulatory bodies undertake enforcement activities through the use of legal instruments to achieve policy objectives. They can assist public entities to achieve improved standards of accountability and transparency.

Regulatory bodies may:

  • issue licences or permits for specific markets;
  • establish standards and codes of practice relating to performance; and
  • enforce the provisions of Acts, regulations or other regulatory instruments through inspections, investigations, warnings and actions through the courts.

The Victorian Competition and Efficiency Commission (VCEC) defines a regulator as:

A State Government entity (either independent or within a department) that derives from primary or subordinate legislation one or more of the following powers in relation to businesses and occupations: inspection; regulatory advice to a third party; licensing; accreditation or enforcement.2

Regulators may include:

  • agencies with minor regulatory functions, in the context of their total operations and impacts on business – for example, the Country Fire Authority and Metropolitan Fire and Emergency Services Board provide technical advice on fire safety aspects of building and construction;
  • agencies whose primary regulatory responsibilities involve contingent regulation – such as the Communicable Diseases Unit of the Department of Human Services; and
  • agencies which are essentially complaint handling and dispute resolution bodies – such as the Health Services Commissioner and the Small Business Commissioner.

The CEO has a responsibility to ensure the entity complies with regulatory requirements to ensure quality services to the Victorian public on behalf of the government.

Managing change

The environment in which a public entity functions is subject to change. Changes in technology, demographics or the natural environment present ongoing challenges for government. The CEO has a responsibility to ensure the public entity is able to respond adequately and appropriately to change as it occurs.

Some significant changes that public sector CEOs may face include:

  • changes to board membership or priorities;
  • a change of minister or department;
  • legislative or policy change; and
  • government intervention.

Changes to Board Membership or Priorities

Board members hold office for the period specified in the instrument of their appointment (usually three years). The reappointment process is not automatic, especially where a member has already served two terms. Therefore it is highly likely that a CEO will experience changes to the board during their period of time working with the public entity. It is important to know the types of board appointment (for example: ministerial appointment, elected appointment). Clear processes should be developed to ensure appropriate induction of new board members.

The board is responsible for setting the strategic direction and priorities of the entity. The board’s priorities may change due to changes in the government’s priorities or changes in the external environment. The CEO’s role is to enact and communicate changes in board priorities.

Change of Minister or Department

Whether due to a reshuffle or a change in government, ministers may change. The change may be to the minister who has direct responsibility for the public entity’s legislation or a minister of a portfolio that directly or indirectly affects the entity.

Similarly, a machinery of government change may shift responsibility for an entity between departments.

When there is a change of minister, information about the public entity will need to be provided to the new portfolio minister. There is an expectation that secretaries of departments will advise portfolio ministers on the delivery by public entities of financial and reporting responsibilities. However, the chair may also wish to provide the minister with information regarding the entity. This information may include:

  • the legislated functions and powers of the entity;
  • an overview of the entity’s objectives, functions and operating environment, vision and mission, corporate plan and strategic priorities;
  • an overview of the key programs, services, clients, stakeholders and operations of the public entity;
  • the main issues that the entity is dealing with;
  • the status of the entity’s progress against the government’s policy objectives for the entity;
  • the status of activities against the entity’s corporate plan; and
  • the status of key capital and infrastructure works the entity may be undertaking.

Public entities may wish to consider providing similar information to their new portfolio departments in the event of a machinery of government change.


questions to consider

Issue Question
preferences what are the new minister’s or new department’s priorities and in what context should they be viewed?
communication are the preferred protocols for communication going to change? with the ministerial advisers? with the minister?

Legislative or Policy Change

Legislative or policy changes may involve changes to responsibilities, powers and priorities. The portfolio department has a role to advise the CEO regarding changes to legislation and government policies that may affect the public entity. ‘Horizon scanning’ and a good working relationship with the portfolio department will assist the CEO to anticipate and prepare for changes as they occur.

Where there is legislative change, the CEO and the board should clarify with the minister and the department the intent of the change. This should involve clarifying whether there are any changes in ministerial and departmental priorities, and delegations.

Legislative changes may result in changes to the financial arrangements and funding provisions for the public entity.

Compliance obligations also arise from ministerial directions, and may change with changing government priorities. A ministerial direction is a direction addressed to the board and officers of a public entity, usually through the chair, requiring it to act in a particular way in relation to certain aspects of its work. To ensure entities comply with all their obligations, boards and the CEO should identify the obligations to be complied with, and embed compliance in everyday operational processes, guidelines, manuals and training programs.

Government Intervention

Where there are issues with the performance of a public entity, the government has options to intervene in the management of the entity. These include:

  • commissioning a review by the VPSC under the Public Administration Act;
  • where the enabling legislation provides, issuing directions to the board of the entity;
  • terminating the appointments of some or all of the entity’s board members; or
  • appointing an administrator.

The decision to terminate the appointments of some or all of the entity’s board members is only considered when there are persistent or serious issues and is undertaken within the boundaries of relevant legislative requirements.

CEOs may be required to continue in their role. Establishing work priorities with a potential administrator and the department is essential.


Victoria takes an ‘all hazards, all agencies’ approach to managing emergencies. ‘All hazards’ refers to the understanding that despite differences in emergencies, many of the measures required to deal with emergencies are generic. ‘All agencies’ recognises that all agencies have a role in managing emergencies and protecting the community from identified risks.

Public entities may have specific responsibilities under the Emergency Management Act 1986. This may include duties to prepare, respond or assist with recovery following an emergency. In other cases, emergencies may have a direct operational impact on public entities. For example, a natural disaster or health epidemic may prevent staff from attending work. Whether an entity has a specific responsibility or not, there is a need for the entity to have advanced business continuity planning and management to ensure the entity is equipped to continue to deliver vital functions during an emergency.

Roles and Responsibilities

The Emergency Management Act provides the structure for emergency management arrangements in Victoria. The Act uses a broad definition of ‘emergency’. These emergency management arrangements apply at all times – they do not need to be activated by any legal instrument. This ensures clearly defined roles and responsibilities and provides for a rapid response to emergencies.

Part 7 of the Emergency Management Manual Victoria contains role statements that list agencies’ responsibilities for preparation, response and recovery activities. There are 56 agency role statements. This includes one for each government department, as well as for many public entities and other organisations.

CEOs should be aware of the responsibilities that their public entity may have in certain emergencies, and have plans to manage requirements as they arise.

Contingency Plans


CEOs may need to mobilise ’surge staff’ in an emergency. Surge staff are those whose main role does not necessarily involve responding to emergencies but who are available to respond, if required. Efficient mobilisation of surge staff will primarily depend on planning. Public entities which have identified, trained (where appropriate) and maintained the skills sets of suitable staff will be best placed to mobilise them quickly and appropriately in an emergency.

The Public Administration Act empowers the Premier to declare an emergency for the purposes of mobilising the public sector workforce. Upon the declaration of an emergency by the Premier, section 105E of the Act delegates public sector body heads the following ‘emergency powers’ to assist managing their workforce and responding to the emergency:

  • assign any duties to employees;
  • require employees to perform duties within another public sector body or at a place other than their usual place of work; and
  • direct employees to not report for duty.


Business continuity management (BCM) aims to keep an agency operating in the event of an emergency or disaster. BCM is about prioritising an organisation’s workload and determining which elements are core or critical business, and which areas of business can be put on hold whilst resources are unavailable because of the impact of an emergency. BCM involves strategic thinking and planning to anticipate the potential impact of a wide variety of emergencies on the workforce and business areas of an organisation.

This process usually involves a risk-based assessment of key organisational responsibilities to determine events likely to potentially impact upon the entity’s business operations and determining the best available ways to deal with the impacts of those events. An entity is likely to have various business continuity plans for its different business areas. These plans may be updated during a specific emergency.

Questions to Consider

Theme Questions
roles and responsibilities what are the roles and responsibilities of the entity in emergencies?
is the entity a control agency or support agency for particular types of incidents?
who are the senior staff responsible for emergency management?
mobilising what resources does the entity have which could be made available during an emergency?
how is the occupational health and safety of staff managed during an emergency?
continuity what are the potential impacts of an emergency on the entity?
what are the entity’s contingency plans for ensuring delivery of core services during an emergency?
are there any actions that need to be undertaken in the short-term to improve the entity’s ability to ensure continuity of essential services during an emergency?



  1. The responsibilities of current integrity bodies may change with the introduction of the government’s proposed independent broad-based anti-corruption commission.
  2. Victorian Competition and Efficiency Commission 2008, Victorian Regulatory System, p. 53.