FOI 20.21 0854 Decision Notice of Decision.pdf

Our reference: FOI 20/21-0854

GPO Box 700
Canberra   ACT   2601
1800 800 110
ndis.gov.au
13 October 2021

Shirley
By email: xxxxxxxxxxxxxxxxxxxxxxxxx@xxxxxxxxxxx.xxx.xx

Dear Shirley

Freedom of Information request — Notification of Decision

Thank you for your 2 requests of 9 June 2021, in which you requested access under the
Freedom of Information Act 1982 (FOI Act) to documents held by the National Disability
Insurance Agency (NDIA).

The purpose of this letter is to provide you with a decision on your request.

Scope of your request

As per previous correspondence, under section 24(2) of the FOI Act an agency may treat 2
or more requests as a single request if the subject matter is substantially the same;
therefore, as previously advised, we have combined your 2 requests into one request.

The scope of this combined request was:

“… a copy of the NDIA’s current Risk Management Policy/ies and Procedures, including
all past versions. That is, all NDIA Risk Management Policies and Procedures since
2013, up to an including Jun 21.
… a copy of the NDIA’s Procurement Risk Management Policy/ies and Procedure/s, in
addition to all prior versions. That is, all NDIA Procurement Risk Management policies
and procedures created and used by the NDIA since 2013, up to and including Jun
2021.”

On 6 July 2021, you agreed to provide the NDIA with an additional 30 days to process your
request for information, under section 15AA of the FOI Act. Furthermore, the Office of the
Australian Information Commissioner granted the Agency with a further 30 days to process
your request, due to its complex and voluminous nature, under section 15AB of the Act.

On 7 September 2021, we issued you with a Request Consultation Process under section
24AB of the FOI Act.

On 12 September 2021, you responded, revising the scope of your request to be for the
following documents:

1. “A copy of the NDIA's Risk Management Policies and Procedures (2 documents at
most), as of 9 Jun 21.

2. A copy of the NDIA's Procurement Risk Management Policy and Procedure (2
documents at most), as of 9 Jun 21”

1

Decision on access to documents
I am authorised to make decisions under section 23(1) of the FOI Act. My decision on your
request and the reasons for my decision are set out below.

I have identified 2 documents, which fall within the scope of your request.

The documents were identified by conducting searches of NDIA’s systems, using all
reasonable search terms that could return documents relevant to your request, and
consulting with relevant NDIA staff who could be expected to be able to identify documents
within the scope of the request.

I have decided to grant access to these 2 documents in full.

In reaching my decision, I took into account the following materials:
  your correspondence outlining the scope of your request
  the nature and content of the documents falling within the scope of your request
  the FOI Act
  the FOI Guidelines
  relevant case law concerning the operation of the FOI Act
  consultation with relevant NDIA staff
  factors relevant to my assessment of whether or not disclosure would be in the public
interest
  the NDIA’s operating environment and functions.

Access to edited copies with exempt or irrelevant material deleted (section 22)
I have identified that documents falling within the scope of your request contain material that
is irrelevant to your request. The irrelevant material relates to names of NDIA staff.

In accordance with section 22 of the FOI Act, I have considered whether it is possible to
delete the exempt and irrelevant material from the documents and have concluded that it is
reasonably practicable to do so. Accordingly, I have prepared an edited copy of the
documents with the irrelevant material removed.

Reasons for decisions
Refuse a request for access (section 24A)
Section 24A of the FOI Act provides that an agency may refuse a request for access to a
document if all reasonable steps have been taken to find the document, and the agency is
satisfied that the document cannot be found or does not exist.

In part 2 of your request, you sought access to the NDIA’s Procurement Risk Management
Policy and Procedure.

I have decided to refuse access to part 2 of your request under section 24A of the FOI Act
on the basis that all reasonable steps have been taken to locate the documents you have
requested, and I am satisfied that they do not exist. Whilst the agency has procurement
policy and procedure documents, there is no identified “Procurement Risk Management
Policy and Procedure” document.

I am satisfied that all reasonable steps have been taken to locate the documents you have
requested for part 2, and that the documents do not exist. I have, therefore, decided to
refuse access to part 2 of your request in accordance with section 24A(1)(b)(ii) of the FOI
Act.

2

Release of documents
The documents for release, as referred to in the Schedule of Documents at Attachment A,
are enclosed.

Rights of review
Your rights to seek a review of my decision, or lodge a complaint, are set out at Attachment B.

Should you have any enquiries concerning this matter, please do not hesitate to contact me
by email at xxx@xxxx.xxx.xx.

Yours sincerely

Carolyn
Assistant Director FOI
Parliamentary, Ministerial & FOI Branch
Government Division
3

Attachment A

Schedule of Documents for FOI 21/22-0854
Document
Page
Description
Access Decision
Comments
number
number
Risk Management Guide
FULL ACCESS

1
1-14

Date: November 2019

Risk in Change Guide
FULL ACCESS
Irrelevant material removed
2
15-35

under section 22 of the FOI
Date: December 2019
Act.

4

Attachment B
Your review rights

Internal Review
The FOI Act gives you the right to apply for an internal review of this decision. The review
will be conducted by a different person to the person who made the original decision.

If you wish to seek an internal review of the decision, you must apply for the review, in
writing, within 30 days of receipt of this letter.

No particular form is required for an application for internal review, but to assist the review
process, you should clearly outline your grounds for review (that is, the reasons why you
disagree with the decision). Applications for internal review can be lodged by email to
xxx@xxxx.xxx.xx or sent by post to:

Freedom of Information Section
Parliamentary, Ministerial & FOI Branch
Government Division
National Disability Insurance Agency
GPO Box 700
CANBERRA ACT   2601

Review by the Office of the Australian Information Commissioner
The FOI Act also gives you the right to apply to the Office of the Australian Information
Commissioner (OAIC) to seek a review of this decision.

If you wish to have the decision reviewed by the OAIC, you may apply for the review, in
writing, or by using the online merits review form available on the OAIC’s website at
www.oaic.gov.au, within 60 days of receipt of this letter.

Applications for review can be lodged with the OAIC in the following ways:

Online:
www.oaic.gov.au
Post:
GPO Box 5218, Sydney NSW 2001
Email:
xxxxxxxxx@xxxx.xxx.xx
Phone:
1300 363 992 (local call charge)

Complaints to the Office of the Australian Information Commissioner or the
Commonwealth Ombudsman
You may complain to either the Commonwealth Ombudsman or the OAIC about actions
taken by the NDIA in relation to your request. The Ombudsman will consult with the OAIC
before investigating a complaint about the handling of an FOI request.

Your complaint to the OAIC can be directed to the contact details identified above. Your
complaint to the Ombudsman can be directed to:

Phone:
1300 362 072 (local call charge)
Email:
xxxxxxxxx@xxxxxxxxx.xxx.xx

Your complaint should be in writing and should set out the grounds on which it is considered
that the actions taken in relation to the request should be investigated
1