The Risk Assessment Framework (previously ‘Regulatory Risk Framework’) describes TEQSA’s regulatory risk management policy and processes. It enables TEQSA to give effect to the principle of reflecting risk in its regulatory activities, as required under the TEQSA Act.

A risk assessment framework (RAF) is an approach for prioritizing and sharing information about the security risks posed to an information technology organization. The information should be presented [..]