Our risk management approach

As respected leaders in whole of Victorian Government policy and performance, DPC is required at times to take informed risks. In doing so, DPC will continue to uphold its values, support the health and safety of its staff, and maintain integrity.

Principles for making complex decisions


Pursue innovation while accepting that some ideas and projects are more achievable than others.

Service delivery

Accept that some policy options may cause short term disruption to the community, DPC or VPS’s reputation in the pursuit of long-term benefits.

Reputation and image

Work collaboratively across the VPS at all levels, communicate with DPC executives, other departments and ministerial offices to achieve department and government objectives.


Manage within budgets. Where competing priorities emerge, reallocate existing resources to align with shifting needs and government priorities of the day.

Comply with DPC’s legal and statutory obligations. Misbehaviour and intentional non-compliance are taken seriously at all levels.

Human Resources and OHS

Challenge and develop our people to ensure a high-performing DPC while ensuring behaviour does not contradict our values, code of conduct or risk staff health, safety and wellbeing.

State-wide and interagency risk

Provide support, expertise and leadership across the Victorian Government as required to manage state-wide or interagency risk.

Three Lines of Defence model

DPC’s risk management policies and procedures work to support complex decision making and are strengthened by the Three Lines of Defence model.

First line of defence: Manage

Staff and Executives (functions that own and manage risk)

Second line of defence: Support

For example, Finance, Legal, Procurement, Risk Management (functions that oversee and support the management of risk)

Third line of defence: Assure

Internal assurance audit (functions that provide independent assurance over the management of risk)