(1) The purpose of this policy is to define the RMIT framework and objectives for the management of compliance obligations and promote a positive compliance culture as an integral part of ensuring good governance and operational excellence at RMIT. (2) RMIT University is a public institution under Victorian law and stands on Aboriginal Country of the Kulin Nation. RMIT recognises and acknowledges the Bundjil Statement that helps all RMIT staff to respectfully work, live and study on Aboriginal Country. (3) RMIT is subject to a wide range of compliance obligations including compliance requirements under applicable laws, regulations, standards, codes of practice, and compliance commitments made by RMIT. (4) This policy frames the (5) The policy applies to all staff, researchers, contractors and volunteers of the RMIT Group. (6) RMIT is committed to ensuring compliance with all laws and regulations, and alignment to standards and codes of practice that apply to the RMIT Group. (7) RMIT will embed a positive compliance culture across all operating areas with control systems that create effective and sustainable compliance outcomes. (8) Compliance management will be underpinned by continuous improvement and awareness of compliance obligations across all operating areas and locations. (9) RMIT’s compliance framework encompasses the following elements: (10) This policy and the Compliance Management Program form key components of RMIT’s compliance framework. (11) RMIT’s compliance framework is informed by governance structures and instruments including, but not limited to: (12) The Audit and Risk Management Committee assists RMIT University Council (Council) in discharging its responsibilities to the RMIT Group by monitoring compliance with laws, regulations and the Code of Conduct. (13) Members of the Vice-Chancellor's Executive: (14) Governance, Legal & Strategic Operations: (15) Compliance management contacts: (16) All staff and researchers remain individually accountable for their actions as members of the RMIT Group community, bound by the Code of Conduct and relevant enterprise agreements. They have a responsibility to: (17) Contractors and volunteers have a responsibility to: (18) This policy is maintained by the Governance, Legal & Strategic Operations team. (19) Periodic review will have regard to ISO 19600 Intentional Standard for Compliance Management. (20) Refer to the:Compliance Policy
Section 1 - Purpose
Section 2 - Overview
Section 3 - Scope
Section 4 - Policy
Compliance Framework
Responsibilities
Review
Section 5 - Procedures and Resources
Section 6 - Definitions
Breach
A contravention of a compliance obligation caused by an act or omission. Significant or material breaches may be reportable to an external agency or regulator. See also: Material breach
Compliance obligation
Compliance Management Program
The coordinated institutional approach to identification, monitoring, review and reporting of compliance obligations, risks, and performance across the RMIT Group.
Compliance management contact
Senior leaders, with subject matter expertise, usually reporting directly to a member of the Vice-Chancellor's Executive. They are responsible for implementing the compliance management program for their specific areas of operational responsibility.
Compliance obligation register
Compliance obligation breach register
A record of breaches of the University’s compliance obligations managed by Governance, Legal & Strategic Operations.
Governance attestation process
A verification process undertaken by members of the Vice-Chancellor's Executive and key senior staff whereby they attest to the effectiveness of internal controls and compliance/non-compliance with the obligations that are relevant to their areas of operation throughout the University.
Governance bodies
Council, committees of Council, and the Academic Board.
Material breach
A severe and significant breach, in terms of scale and/or regulatory requirements, or with implications for safety and security, and/or legal requirements. See also: Breach
Responsible owner
A member of the Vice-Chancellor's Executive or a specified regulatory delegate under the Delegations of Authority.
View Document
This is not a current document. To view the current version, click the link in the document's navigation bar.
Compliance obligations at RMIT are grouped into three tiers.
Tier 1: obligations that are fundamental to RMIT’s core business, being the provision of education and research, which are identified as high priority and core to licenses to operate as a Table A University, RTO, CRICOS provider and non-senior secondary school provider. It includes high risk obligations relating to the good governance of RMIT.
Tier 2: obligations that relate to RMIT’s operational efficiency and commercial success. They are relevant to specific operating locations, business units or functional areas.
Tier 3: other obligations established under the RMIT Policy Governance Framework including delegations of authority, standards of conduct and obligations to give effect to RMIT’s self-accrediting authority.
There are two types of registers that support the Compliance Management Program.
Key Compliance Obligation Register: a record used to identify tier 1 compliance obligations and to assess the risk, impact and likelihood of non-compliance with these obligations. Compliance activities and controls for these obligations are documented within the register.
Functional/business level Compliance Obligation Register: a record used to identify tier 2 compliance obligations and to assess the risk, impact and likelihood of non-compliance with these obligations.