• Key contacts at TEQSA (for providers)

    TEQSA’s Enquiries Management team (providerenquiries@teqsa.gov.au) is the primary contact for registered higher education providers with TEQSA-related enquiries. However, TEQSA also has specialist contact teams across the agency that are best placed to assist you in a timely and efficient manner when you have a specific enquiry. Please use the following list of key contacts to help direct your enquiry to the most appropriate TEQSA team contacts.

    Nature of enquiry Example enquiries Key Contact
    New application for initial registration Preparing an application for initial registration Email new.registration.enquiries@teqsa.gov.au
    In progress assessments for initial registration and accreditation for prospective providers Enquiring about a submitted application Contact the TEQSA staff member assigned to the assessment. If you are unsure who this is, contact new.registration.enquiries@teqsa.gov.au
    In progress assessments for course accreditation or reaccreditation for existing providers

    Enquiring about a submitted application for:

    • new course accreditation for existing providers
    • renewal of course accreditation.
    		 Contact the TEQSA staff member assigned to the assessment. If you are unsure who this is, contact assessments@teqsa.gov.au
    CRICOS matters
    • Enquiring about CRICOS or ESOS Act requirements
    • Preparing an application for CRICOS registration or renewal of registration
    • Submitting a CRICOS-related application e.g. to add a course
    • Enquiring about a submitted CRICOS-related notification or application.
    		 Email CRICOS@teqsa.gov.au
    ELICOS and Foundation Program matters
    • ELICOS or Foundation Program provider enquiries
    • Applying to add an ELICOS or Foundation Program to CRICOS
    • Applying for an exemption to enrol students under the age of 17 in Foundation Programs.
    		 Email CRICOS@teqsa.gov.au
    Provider registration matters
    Renewal of registration
    Withdraw provider registration
    • Preparing an application for renewal of registration
    • Submitting an application for renewal of registration
    • Enquiries about renewal of registration applications in progress
    • Requesting an extension to registration period
    • Submitting an application to withdraw registration
    • Enquiries about withdrawing registration
    		 Email: reregistration.enquiries@teqsa.gov.au
    Self-Accrediting Authority or Provider Category Change
    Self-accrediting authority (SAA) 
    Change provider category 
    • Preparing an application for self-accrediting authority or provider category change
    • Submitting an application for self-accrediting authority or provider category change
    • Enquiries about applications in progress
    		 Email: reregistration.enquiries@teqsa.gov.au
    Application fees Enquiring about refunds for application fees. Email finance@teqsa.gov.au
    Material changes Submitting a material change notification. Email materialchanges@teqsa.gov.au
    Risk Assessment Framework Enquiring about the risk assessment process. Email risk@teqsa.gov.au
    Provider Information Request (PIR) Enquiring about the PIR. Email collections@teqsa.gov.au
    Sexual assault and sexual harassment guidance Guidance about prevention and response to sexual assault and sexual harassment matters. Email studentwellbeing@teqsa.gov.au
    Compliance matters 

    Enquiring about a compliance matter that TEQSA has notified you about, for instance:

    • a compliance assessment
    • an investigation.
    		 Contact the TEQSA staff member assigned to the compliance matter. If you are unsure who this is, contact the TEQSA Enquiries Management team (providerenquiries@teqsa.gov.au).
    Complaints about TEQSA Complaints about TEQSA’s practices, services or approach. Email review@teqsa.gov.au

    Preparing an application for:

      
    • Applying for new course accreditation for existing providers
    • Applying for renewal of course accreditation
    • Enquiries about:
      • withdrawing a course/ teach out
      • requesting an extension to accreditation period.
    		 Email: assessments@teqsa.gov.au
    Conditions

    Enquiries about:

    • conditions imposed on registration or course accreditation
    		 Email: conditionsundertakings@teqsa.gov.au
    Any other matters, enquiries or guidance Help with the Provider Portal, for example, changing and updating logins. Contact TEQSA’s Enquiries Management team at providerenquiries@teqsa.gov.au

     

    Last updated:

  • Risk assessment – Frequently Asked Questions (FAQs)

    TEQSA’s Risk Assessment Framework

    TEQSA’s risk assessments of registered higher education providers are a key component of TEQSA’s risk-based approach to assuring higher education standards. TEQSA’s Risk Assessment Framework outlines the key steps and components of the risk assessment process, and provides detailed supporting information on the risk indicators used.

    What will be covered under the current risk assessment cycle?

    For the current risk assessment cycle, we will:

    • include risk assessment for student, staff and audited financial data, two years prior to the current risk assessment cycle year
    • continue to share provisional risk assessment reports with providers. Providers will have an opportunity to comment on the provisional report before a final risk assessment report is completed.

    Risk ratings explained

    The standard ‘low’, ‘moderate’ or ‘high’ risk ratings are applied to each indicator. There may be instances where a rating is ‘suspended’ or a No Confidence in Data (NCID) rating is applied. For example, a rating may be suspended if a provider is new and does not have enough data to form a view on an indicator, while NCID may be applied if the data is missing, or the data received from the Department of Education is inconsistent.

    What can I expect if my Overall Risk Rating is rated high?

    For providers that receive a ‘high’ Overall Risk to Students or Overall Risk to Financial Position, we ask that you carefully review the risk indicators associated with the risks identified and consider whether you have appropriate controls or treatment plans in place.

    We expect providers would have already identified risks to their education operations, as required by Higher Education Standards Framework (Threshold Standards) 2021 (6.2.1e) and would have plans in place to mitigate these risks. We may contact you to discuss your risk assessment and seek information on actions your governing body has taken and further steps in response to the identified risks.

    Which providers will be in scope for the current Risk Assessment cycle?

    Providers registered on or after 1 January of the year, two years prior to the current risk assessment cycle year, are not in scope for the current risk assessment cycle– noting that 3 years of financial data is required to assess financial sustainability and at least 2 years of student is required for student indicators.

    Will my risk assessment be made public?

    Risk assessments relating to individual providers are not publicly released by TEQSA or shared with other providers. Where risk assessment information is released, it is released in aggregate to avoid identifying a single provider.

    Will the risk thresholds be published?

    The risk thresholds used to inform ratings are not published. Risk thresholds are considered in the context of other information and are not the sole determinant of risk ratings. Professional judgement is used regarding the specificities of each indicator, in determining the levels which may represent potential risk.

    It is important to note that the sector benchmarks which appear in the risk assessment are not the risk thresholds and are not framed around the thresholds. They are median values of each indicator by provider category.

    Do I need to respond to the provisional risk assessment report?

    You do not need to provide a response to your provisional risk assessment report. However, if you have evidence that may inform our assessment of your risk rating, you should provide that information within three weeks of receiving the provisional report.

    Responses received after the due date for a response will not be considered in the current cycle and will be considered in the next risk cycle.

    What should I do if the data in the risk assessment is incorrect?

    TEQSA uses data providers have submitted to the Department of Education and validated as accurate.

    Providers are required to ensure they submit correct data and validate that data well before the submission due date set by TCSI. Changes will not be made to the data submitted and verified by providers through TCSI.

    Data updated on TCSI after the submission due date or changes in data conveyed through a provider’s response to a provisional risk report may not be considered in the assessment for the current cycle unless there are exceptional circumstances. Failing to appropriately verify your data prior to submission will not be considered exceptional circumstances.

    How does TEQSA use risk assessments?

    Risk assessments are one tool used to assist TEQSA gather a fuller understanding of the risks to compliance that may be posed by providers. This information is considered with other intelligence to inform the approach and intensity of our regulatory assessments.

    What data is used to conduct the risk assessment?

    The risk assessment is based on staff, student and audited financial data from two years prior to the current risk assessment cycle year. This is the most current data we can access on a sector-wide scale via existing reporting mechanisms.

    TEQSA works closely with the Department of Education to access data for providers that already report data to existing collections. These collections include:

    • HELP IT System (HITS) – financial data for higher education providers
    • Department of Education – financial data for Table A and B providers
    • Tertiary Collection of Student Information (TCSI) – staff and student data
    • QILT system for Graduate Outcome Survey (GOS) and TEQSA GOS template for providers for whom data is not collected through QILT.

    In addition, TEQSA considers a provider’s regulatory history when applying ratings. For example, information provided through material change notifications, regulatory decisions such as shortened periods of registration, and compliance concerns known to providers.

    How do I submit data for the Provider Information Request (PIR)?

    From 2022, TEQSA required providers to report against the revised PIR collection using the new Tertiary Collection of Student Information (TCSI) (pronounced as 'taxi'). For information about TCSI, including TCSI FAQs, a range of support materials and information about webinars, please visit TCSI Support.

    We strongly encourage providers to prioritise the onboarding process, so that they can submit, check and validate the required data within the deadline.

    How is S2-attrition rate calculated?

    As per TCSI’s calculation, attrition rate in year (x) = (R1 - R2 – R3 – R4) *100/ R1.

    Where:
    R1=commencing students – students who have enrolled in a course at a higher education provider with a commencement date in year (x)
    R2=returning students – commencing students who have an enrolment record in year (x + 1) and have no completion record in year (x)
    R3=completing students in year (x) – commencing students who have a completion record in year (x)
    R4=completing students in year (x + 1) – commencing students who have a completion record in year (x + 1) and no enrolment record in year (x + 1)

    For details about the calculation of attrition rate please refer to TCSI website.

    Are any courses excluded while calculating the risk rating for S2-Attrition Rate?

    Yes, the data for Element E310 - Course of study type with values of 30 (Enabling course) and 50 (Non-award course (including Bridging for overseas trained professionals)) are excluded while calculating the risk rating for S2-Attrition Rate.

    In the calculation of S3-Progression rate, 'R3 = Actual student load (EFTSL) for units of study that are withdrawn in the last academic year or 12-month period'. Does calculation include students that have withdrawn before the census date?

    Based on the Department of Education definition, the percentage of actual student load (EFTSL) for units of study that are passed to all units of study completed in the last academic year or 12 month period includes, passed, failed and withdrawn.

    Why does the Risk Assessment report for S3-Progression Rate indicator show no data and suspended rating even after data has been submitted?

    Any units of study undertaken as ‘Work Experience’ in Industry are excluded from the calculation of S3 Progression Rate. Check if the Element E337 Work experience in industry code is populated with a value of 1 or 2 for all units of study.

    While calculating the S4-Graduate Satisfaction risk rating, are negative responses also considered?

    TEQSA considers only the number of positive responses to the questionnaire (i.e. the number of responses above a neutral response. Could be “moderately agree, agree, somewhat agree, strongly agree.”)

    Are non-award courses included in the Broad Field of Education (BFOE) while calculating the risk rating for S5-Senior Academic Leaders?

    We exclude ‘Non-Award Course’ while considering the BFOE count, however we include ‘Mixed Field Programmes’ in our calculations. For more information about the non-award courses please refer to TCSI website.

    What academic levels are included under the Senior Academic Leaders for non-university providers?

    In addition to Level D and E, TEQSA includes data reported to the Tertiary Collection of Student Information (TCSI) against Level C for assessing the Senior Academic Leaders (SAL) risk rating.

    TEQSA has included this information in its assessment because:

    • providers who were subject to the Education Services (Post Secondary Education) Award 2020 (the Award), used to report some of their senior academic staff to TCSI under code 160
    • in 2021, TCSI removed code 160, and required providers to report senior academic leaders against Level C, D and E
    • in the absence of information about which non-university providers are subject to the Award, TEQSA assesses all non-university providers to include staff reported against Level C as senior academic leaders. This allows for having a common formula for calculating the SAL risk ratings and does not disadvantage any provider.

    Why is there a difference in the EFTSL values used in the calculation of S1-Student Load and S6-Student Staff Ratio? Are students enrolled in research units, VET, and short courses, etc., considered in the calculation of S6-Student Staff Ratio?

    Student to staff ratio is calculated by considering the ratio of total onshore coursework student load (EFTSL) to total onshore teaching only (TO) and teaching and research (T&R) staff full-time equivalent (FTE) employed by the provider, including casuals. Students enrolled in research units, VET, and short courses, etc., are not considered in the calculation of S6-Student to Staff ratio, whereas they are included in the total EFTSL count under S1-Student Load.

    Please also refer to TCSI site for further information.

    Are any staff excluded while calculating the risk rating for S7-Casualisation?

    Yes, non-academic staff are excluded.

    To filter out non-academic staff, the data for Element E509 - Current duties classification group code with a value of 11 (Non-academic classification level group) is excluded from the calculations.

    Non-academic staff are excluded because S7- Casualisation only captures the percentage of academic FTE employed on a basis other than full time or fractional full time to total academic FTE employed by a provider.

    I follow the calendar year, when should I submit the finance data?

    A condition of registration is that registered higher education providers must provide an audited annual financial statement in the approved form, within 6 months after the end of the annual reporting period (Section 27 of the Tertiary Education Quality and Standards Agency Act 2011 (TEQSA Act)). This reporting is also a requirement under Subdivision 19-B, section 19-10 of the Higher Education Support Act 2003.

    Providers following the calendar year, i.e. with a financial year ending 31 December, should submit the finance data by 30 June of the following year.

    Providers following the financial year, i.e. with the financial year ending 30 June, should submit the finance data by 31 December of that year.

    For example, for 2025 Risk Assessment cycle:

    • if following calendar year, i.e. January- December 2024, data should be submitted by 30 June 2025
    • if following financial year, i.e. July 2023-June 2024, should have already submitted the data by 31 December 2024.

    Do I need to submit financial performance data as well as the audited financial statements?

    Yes, both financial performance data and audited financial statements should be submitted by the due date.

    All providers are required to report their financial performance data and audited financial statements (pdf) on an annual basis to the Department of Education. Except for universities, all providers report data through the Department’s HELP IT System (HITS). For all HITS related enquiries, please email FEE-HELP@education.gov.au.

    See the Department’s HELP Resources for Providers page for more information about HITS, including a user guide.

    For universities, audited financial statements should be submitted to the Department of Education at ppfinance@education.gov.au, along with a completed Annual Financial Return spreadsheet provided by the Department of Education.

    If you are a new provider, then please register in HITS. Instructions on how to register are available on pages 41-43 of the HITS User Guide. From this page, you will be prompted to input the sector (HE, VET or dual) and other relevant information. If you have any specific questions about HITS, please email FEE-HELP@education.gov.au.

    What will happen if the financial performance data and audited finance data are submitted after the due date?

    Finance data should also be submitted by the due date. Failure to submit financial information within required timeframes is a breach of a condition of registration for which TEQSA may apply sanctions.

    Such sanctions may include TEQSA issuing an infringement notice, shortening the period of registration or cancelling registration (sections 98, 100-101, 113 and 118 of the TEQSA Act). In addition, TEQSA may assign a ‘high’ risk rating to the provider in the annual risk assessment cycle.

    Are provider risk ratings for risk indicators decided by comparing them with sector benchmarks?

    Provider risk ratings for indicators are not decided by comparing them with the sector benchmarks. The risk assessment framework enables a consistent, structured, and systematic approach to assessing risk across all providers. This is achieved by using a standard format and set of risk indicators across areas of institutional practice and outcomes that are central to all providers.

    Why are there inconsistencies in the percentage scales across different indicators within the Risk Assessment reports?

    The Risk Assessment reports involve a variety of data related to staff, student and finance across multiple providers. This makes it difficult to have one standard approach for the percentage scales. Furthermore, the axes on different pages of the report are adjusted to accurately reflect the varying ranges and distributions of data for each provider, ensuring clarity and precision.

    The current approach:

    • highlights key insights specific to each risk indicator dataset
    • avoids misinterpretation from a uniform scale
    • maintains meaningful relative comparisons within each chart.

    Additionally, customized axes help capture outliers effectively, enhancing the visual appeal and readability, and makes the presentation more engaging and easier to follow.

    Which casual staff data is used by TEQSA for calculating risk ratings – estimates or actual?

    TEQSA uses casual staff data from the Casual Staff Actuals packet.

    TEQSA does not use data from the Casual Staff Estimates packet to calculate risk ratings.

    Which staff data packets are used by TEQSA for its Risk Assessment?

    Using the example of Risk Assessment Cycle RA2024 (Data Year 2023), staff data from the 2023 Full-Time Staff packet and the 2023 Casual Staff Actuals packet (collected the following year) will be used by TEQSA for its Risk Assessment.

    Providers submit the Casual Staff Actual data using the Element E514 - Actual full-time equivalence prior year. However, TEQSA gets the value for the Staff Actual Casual from the Department of Education’s internal dataset Element E506 -  Work contract code filtered for a value of 4 - Casual work contract - actual data reported in year after the collection year.

    For any further queries on staff data reporting, please contact the TCSI Support Team at TCSIsupport@education.gov.au.

    What is the process to verify provider data in the TCSI system?

    The screenshot below taken from the Provider Data Verification User Guide on the TCSI website provides an overview of the verification process.

    For further information, please contact the TCSI Support Team at TCSIsupport@education.gov.au.

    An overview of the verification process TCSI

    I have changed my LIVE data in the TCSI system after collection sign-off, why does the updated LIVE data not reflect in my Risk Assessment reports?

    Types of reports in TCSI

    The above figure provides an overview of the different types of reports in TCSI. Unless unique circumstances arise, TEQSA only uses the Verified Report Data for its Annual Risk Assessment. Therefore, any change made to the LIVE data is not automatically reflected in TEQSA’s Risk Assessment reports.

    Therefore, it is important for providers to ensure the data they submit to the TCSI system is accurate before verifying and signing off on it.

    What are the deadlines for submitting the data for Risk Assessment?

    The Annual Information Collection page on the TEQSA website provides all the details and submission deadlines for Risk Assessment.

    Last updated:

    Related links

  • Risk assessment cycle

    The risk assessment cycle occurring in 2025

    The risk assessment cycle occurring in 2025 uses the indicators set out in the TEQSA Risk Assessment Framework.

    For this cycle we will:

    • include risk assessment for 2023 student, staff data and audited financial data
    • continue to share provisional risk assessment reports with providers. Providers will have an opportunity to comment on the provisional report before a final risk assessment report is completed.

    As TEQSA requires multi-year data for several risk assessment metrics, providers registered after 1 January 2022, will not receive a risk assessment report.

    Frequently asked questions for the risk assessment cycle occurring in 2025 are also published to assist providers.

    What stays the same?

    1. Provider risk assessments will continue to be treated confidentially by TEQSA.
    2. The outcome of the risk assessments will continue to inform TEQSA’s approach to regulation, which is guided by principles of risk, necessity, and proportionality.
    3. Regulatory history continues to be used to inform risk ratings. TEQSA weighs regulatory decisions made from 1 January 2022, and any active conditions on the provider’s registration when determining the overall ratings.

    For more information on TEQSA risk assessment, please contact the Risk Team at risk@teqsa.gov.au.

    Last updated:

  • Consultation opens for guidance notes

    TEQSA is working to improve the efficiency of our regulatory operations and support greater self-assurance within the higher education sector by continuing to enhance our suite of guidance notes.

    To support this project, TEQSA has opened consultation on the following 3 draft documents:

    This consultation closes at 5:00pm (AEST) on Friday 18 July 2025.

    You can submit feedback to consultation@teqsa.gov.au. Submissions in Microsoft Word or PDF format are preferred.

    Date
    Last updated:
    Featured image

  • Raising a complaint or concern

    Raise a concern or complaint

    TEQSA collects and analyses information to assure the quality of Australia’s higher education providers. One source of information used is concerns and complaints raised with us. This information helps TEQSA assess whether or not a provider is meeting their regulatory obligations.

    Concerns and complaints are prioritised based on our compliance priorities. Generally, we pursue issues that pose the greatest risks to either students or the integrity, quality or reputation of Australia’s higher education sector.

    If you wish to raise a concern or complaint, we recommend first checking that we are the most suitable organisation to assist. You can do this by reading the below section, How to raise a complaint or concern.

    If you are a student seeking to resolve a complaint with your higher education provider, the National Student Ombudsman may be best placed to help you. The National Student Ombudsman works with students and higher education providers to resolve complaints. It is a free, independent service and does not take sides.

    How to raise a complaint or concern

    1. Raise your concern with the provider
    2. Confirm TEQSA is the right organisation to help
    3. Raise a complaint or concern.

    1. Raise your concern with your provider

    Before raising a complaint or concern with TEQSA, we encourage you to raise it directly with your provider, where appropriate. Providers have complaints processes in place to help you resolve issues.

    Your provider’s process will generally require you to submit the complaint in writing. You should receive a formal response, outlining how your complaint will be considered and when you can expect a response. The provider should investigate your complaint and notify you in writing of the outcome.

    If your complaint is not resolved by the provider’s internal processes, you can seek a review from an independent third party. Providers are required to have a process in place for students to seek an appropriate independent, third party review. This process must be available to students at no charge or at a reasonable cost. In many cases, the third party may be the office of an ombudsman, such as the National Student Ombudsman.

    2. Confirm TEQSA is the right organisation to help

    TEQSA protects the interests of students and the reputation and standing of Australian higher education. We use complaints and concerns as a source of information, along with other risk intelligence and our compliance priorities, to decide when regulatory action is appropriate.

    TEQSA can take action when there is concern about a serious systemic risk to students, or to the quality or reputation of Australia’s higher education sector. Some examples include, student wellbeing and safety, admission practices, and the quality of teaching and learning. TEQSA’s actions will be guided by its current compliance priorities.

    We cannot take action on concerns that are not in our scope of responsibility. Examples include guidance on interpreting a provider’s policies and procedures, or disputes about an individual’s:

    • assessment results or outcomes
    • recognition of prior learning
    • fees and refunds
    • cancellations
    • scholarships.

    There are other organisations who can assist you if a matter is outside TEQSA’s scope of responsibility. The types of matters that fall outside TEQSA's responsibility, and that can be responded to by another organisation, include:

    Resolving a complaint or dispute with a higher education provider

    International students resolving complaints or disputes with private providers about administrative actions or decisions and the related processes

    Concerns about a Vocational Education and Training (VET) course

    Matters relating to HELP loans, including FEE-HELP

    Matters relating to VET FEE-HELP or VET Student Loans

    Complaints about migration agents

    Matters relating to student visa requirements or reporting suspicious activities relating to immigration or citizenship

    3. Raise a complaint or concern

    Please complete our form using the link below.

    Raise a complaint or concern

    We’ll acknowledge receipt of your complaint or concern by email and carefully consider the appropriate response. There are a range of possible outcomes, and these are outlined on our What happens next page.

    For more information about how we handle concerns and complaints, please see our Concerns and complaints about providers policy.

    Last updated:

  • Education to industry: How gen AI is shaping tomorrow webinar recording

    On 12 June, TEQSA hosted a joint webinar with the National Artificial Intelligence Centre (NAIC) and Jobs and Skills Australia (JSA).

    The webinar explored the impact of gen AI on education and industry, including the role of both professional accreditation bodies and higher education providers in ensuring future graduates have the knowledge and skills they will need as they enter the workforce.

    A recording of the webinar is now available.

    Links to the resources mentioned during the webinar are below.

    National Artificial Intelligence Centre

    Jobs and Skills Australia

    TEQSA

    Date
    Last updated:
    Featured image

  • Risk assessment framework

    Body

    Introduction

    Background

    The Tertiary Education Quality and Standards Agency (TEQSA) risk assessments of registered higher education providers are a key component of TEQSA’s risk-based approach to assuring higher education standards. The Risk Assessment Framework (RAF) outlines the key steps and components of the risk assessment process, and provides detailed supporting information on the risk indicators used. Information on how risk assessments form part of TEQSA’s approach to quality assurance can be found in the paper Our approach to quality assurance and regulation.  

    Under the ESOS Act, TEQSA regulates a number of ELICOS and Foundation Program providers that are not registered higher education providers. TEQSA’s approach established under the RAF also applies to these providers, but with a tailored set of risk indicators and information requirements. 

    TEQSA is committed to continuing to refine the RAF over time, with experience of applying the RAF in its assessment processes, feedback from providers and through consultation with peak bodies. TEQSA will also continue to expand available information on the RAF and other processes through the TEQSA website.

    Information sources 

    TEQSA works closely with the Department of Education (Department) to access data for providers that already report data to existing collections in order to minimise reporting burden and remove any overlap in reporting through data sharing arrangements with other agencies.

    TEQSA sources data through the Tertiary Collection of Student Information (TCSI) system and through the HELP Information Technology System (HITS).

    TEQSA has reduced its annual reporting requirements since 2012 and is continuing to work with the Department and other stakeholders to further reduce reporting burden, while maintaining its capacity to assure standards under a risk-based approach.

    Overview

    Purpose of risk assessments    

    TEQSA’s risk assessments provide a snapshot of providers across the sector to help prioritise TEQSA’s focus in undertaking its assurance activities. They assist TEQSA to give effect to its principles of reflecting risk, proportionality and necessity, as outlined under the Tertiary Education Quality and Standards Agency Act 2011 (the TEQSA Act). They also inform risk-based regulation of providers under the Education Services for Overseas Students Act 2000 (the ESOS Act).

    Through the RAF and use of risk assessments, TEQSA aims to:

    • reduce burden on the sector by using risk assessments to inform a differentiated approach to evidence and reporting requirements in assessment processes (e.g. for renewal of registration and course accreditation applications)
    • strengthen the protection of students’ interests and the sector’s reputation by monitoring key aspects of providers’ operations during registration periods
    • support providers to engage in early discussion about emergent issues prior to any scheduled assessment process
    • support quality improvement activities through the sharing of information with providers about potential risks and good practices in the sector.

    TEQSA’s risk assessments do not draw conclusions about compliance with the Higher Education Standards Framework (Threshold Standards) 2021 or the ESOS Act and National Code1, but rather identify potential risks of non-compliance. In other words, risk assessments may identify ‘leads’ that warrant closer consideration by TEQSA, but do not confirm that there is necessarily a problem. 

    The purpose of the RAF is not to identify all institutional risk or to replace or replicate a provider’s own risk management. The RAF focuses on key risks across the sector that can be readily measured on a regular basis. TEQSA’s assessment processes, such as a renewal of registration, involve a deeper assessment of evidence to determine compliance with the Standards.

    Approach

    The RAF enables a consistent, structured and systematic approach to assessing risk across all providers. This is achieved by using a standard format and set of risk indicators across areas of institutional practice and outcomes that are central to all providers.

    TEQSA recognises, however, the breadth of diversity in the sector and the importance of provider context in assessing potential risks. TEQSA also recognises that innovation often involves a degree of risk taking and does not consider risk as necessarily negative or that all risk must be controlled or eliminated. To support this in practice, TEQSA’s approach allows for expert judgement and consideration of providers’ history, context and own risk management within the risk assessment process. Dialogue between TEQSA and providers about potential risks also enables TEQSA to better understand where risks may reflect strategic decisions taken by the provider for innovation and growth, and where risk controls are in place. TEQSA will look for evidence that the provider’s risk-taking is well managed, for example, through evidence of careful planning and using of pilots of the proposed innovation.

    TEQSA’s risk assessments are predominantly focused at the institutional level, but may also consider risks relating to specific aspects of a provider’s operations, such as particular cohorts of students and/or areas of course offerings.

    TEQSA’s approach to risk assessments is informed by the ISO Risk Management Standards, while adapted for TEQSA’s regulatory context and purpose.

    Risk assessment process

    Overview

    TEQSA undertakes an annual cycle of risk assessments of all providers, following TEQSA’s PIR and acquisition of data from existing annual national collections where available.

    TEQSA may choose to update a risk assessment outside of the annual cycle in response to emerging information. An overview of key steps in TEQSA’s risk assessment process is reflected in Figure 1 below and further outlined in the following sections.

    Figure 1 – Key steps in risk assessment process

    Diagram displaying 3 steps in risk assessment process


    Steps in the assessment

    Key steps in the risk assessment process, as reflected in the figure above, are:

    1. Risk assessment

    • TEQSA gathers existing information from various sources, mainly TCSI and HITS, national survey data, findings from TEQSA assessment processes, and information from the previous TEQSA risk assessment cycles
    • TEQSA considers the history and context of the provider, its approach to delivery, and findings from previous assessment processes (positive and adverse)
    • TEQSA undertakes an analysis of risk indicators, guided by risk indicator thresholds, trends, and other relevant context
    • TEQSA undertakes a holistic evaluation of the history, context and indicator analysis to determine overall risk ratings, with explanatory notes where significant risk is identified.

    2. Dialogue with provider 

    • TEQSA will usually share a risk assessment with all providers each year, except for newly registered providers that have insufficient data to conduct a risk assessment
    • each provider will have the opportunity to respond to its risk assessment which may lead to adjustments in the risk assessment
    • if significant risks are identified, TEQSA will invite the provider to discuss the risk assessment and provide any broader context and information on its strategies and any risk controls in place. 

    3. Next steps

    • the finalised risk assessment is used to inform the scope of scheduled assessment processes (e.g. renewal of registration application processes) and, in some cases, may lead to further interaction with a provider ahead of an assessment process
    • in cases where a provider has ongoing regulatory matters, the distribution of the risk assessment will be coordinated with TEQSA’s regulatory decisions to ensure consistency across all findings.

    What the process involves for providers

    It is optional for providers to respond to TEQSA’s annual risk assessments, unless specifically requested by TEQSA.

    TEQSA undertakes the necessary data calculations and analysis to prepare risk assessments. TEQSA will issue a risk assessment to all providers.  A provider will receive a risk assessment with an invitation to comment. The provider may choose to provide additional information. If TEQSA considers it necessary to take further steps as a result of a final risk assessment, a meeting with the provider will be organised to discuss the providers risk assessment. 

    A provider will receive a copy of its latest risk assessment where there is a forthcoming renewal of registration process.

    Key components of risk assessments

    Overview

    An overview of the key components of a risk assessment is reflected in Figure 2 below and further detailed in the following sections. 

    Figure 2 – Key areas considered in risk assessment

    An overview of the key components of a risk assessment


    Overall risk evaluation

    TEQSA makes an overall evaluation against: ‘Risk to Students’ and ‘Risk to Financial Position’. The evaluation uses a high, moderate or low rating (represented with traffic light colours). This is a qualitative expert judgement taking into consideration the provider’s context, history and standing, and analysis of risk indicators.

    Where an overall evaluation is not able to be established due to lack of information or track record, conflicting information, or unreliable data, the overall rating may be suspended, or a rating of ‘No Confidence in Data’ applied.

    Four key risk areas

    TEQSA focuses on four key areas in risk assessments to support the overall evaluation:

    1. regulatory history and standing
    2. students (load, experience and outcomes)
    3. academic staff profile
    4. financial viability and sustainability.

    Considered together, these areas provide coverage across key aspects of providers’ operations and all contribute to a view of potential risks to academic standards. In particular, the role of regulatory history in the risk assessment highlights any risks to academic standards identified through previous TEQSA assessment processes. This may include, for example, findings relating to:

    • quality assurance processes in a past renewal of registration process
    • admission practices in a past renewal of course accreditation process
    • professional accreditation status through a material change notification.

    The other key risk areas are informed through the assessment of a set of risk indicators.

    Risk indicators

    Risk indicators have been identified giving consideration to data availability (on an annual basis), applicability across the sector, and to different provider circumstances. The risk indicators, with descriptions and links to the Standards, are set out at Appendix 1. Supporting technical information on the risk indicators is provided at Appendix 2. The indicators are rated using a traffic light system.

    A combination of input and output/outcome indicators are used, recognising that relying solely on output/ outcome indicators would mean a focus on the detection of confirmed failure, but not prevention. A combination of indicators also provides a more holistic view of a provider’s operations noting the limitations of individual indicators.

    The assessment of indicators using student data includes a specific focus on any onshore and offshore international student populations (where possible). This allows a view of organisation-wide risk, as well as risk to these cohorts of students. An integrated approach of this kind is consistent with the considerable overlap between the ESOS Act and National Code, and the TEQSA Act and Threshold Standards.

    Risk thresholds

    In assessing risk indicators, TEQSA considers a set of risk thresholds, while taking into account provider context and risk controls (where information is available).

    TEQSA has adopted a systematic approach to developing its risk thresholds, which includes consideration of the following dimensions:

    1. Reference material

    Documentation such as past regulatory and quality assurance reports, and providers’ risk management and strategic plans, can provide views on common issues such as attrition and student-staff-ratio.

    2. Statistical analysis of the sector

    Status quo and trends in the sector can shed light on the discriminating power of a risk threshold.

    3. Experience from previous risk cycles

    TEQSA’s experience of applying the risk thresholds can help to ascertain their efficacy.

    4. The nature of indicators

    Consideration of the different nature of indicators can inform whether the indicators lend themselves to a more absolute setting of risk thresholds or whether more emphasis is given to levels that vary from sector trends. For example, if the sector average attrition rate was significantly increasing, TEQSA may take a view that this does not alter the level considered to indicate a risk to standards.

    These dimensions are evaluated holistically, based on available information, and there is no single consideration that would automatically overrule others. Professional judgement is used, with regard to the specificities of each indicator, in determining the levels which may represent potential risk.

    Further information about TEQSA’s approach to determining risk thresholds is made available on its website and will be updated as needed. The risk thresholds themselves are held confidentially within TEQSA. Risk thresholds are considered in the context of other information and are not the sole determinant of risk ratings.

    In the risk assessment and in any communication with the provider, TEQSA will explain the basis for an overall moderate or high risk rating in the context of the provider’s particular circumstances.

    Risk controls 

    As noted earlier, if a risk assessment identifies potential concerns that may warrant further consideration by TEQSA, a provider is invited to comment on the assessment, on a voluntary basis. The provider may comment on the factual accuracy underpinning the observations, provide relevant information about risk controls that it has in place in relation to the potential risks identified, or any other information that the provider considers relevant.

    TEQSA’s consideration of the provider’s response may lead to an adjustment of the risk assessment. Examples of evidence and context that may lead to adjustments of risk ratings are available in a published information sheet on TEQSA’s website, and may be updated from time to time.

    Noting that innovation often involves a degree of risk, a provider may choose to demonstrate that the level of risk is acceptable in its circumstances.

    Outcomes of risk assessments

    Actions in response to risk assessments

    A final risk assessment will typically identify action in line with the following:

    No action If no significant risks are identified overall, or risks are already known to TEQSA with a response already in place (such as additional reporting requirements), then TEQSA will not take any action in response to the risk assessment. The risk assessment will continue to be updated annually.
    Recommendation TEQSA may recommend that the provider closely monitor identified risks and/or put in place appropriate controls or improvement strategies. A recommendation arising from a risk assessment does not constitute a formal condition on registration.
    Request for information TEQSA may identify risks that require further consideration by TEQSA. In such cases, TEQSA may seek additional information from the provider so that TEQSA may determine if further action is necessary. Requests for information may also be used to monitor identified risks between risk assessment cycles.
    Regulatory action (e.g. compliance assessment or conditions) If TEQSA identifies significant risks, it may determine that regulatory action is necessary outside a scheduled assessment process. This may include, for example, undertaking a compliance assessment to satisfy TEQSA that the provider continues to comply with the Threshold Standards, or imposing formal conditions on registration.
    To be considered in scheduled assessment process If the provider has a scheduled assessment process (e.g. re-registration), TEQSA may indicate that risks identified in the risk assessment will be considered further in that process rather than identify additional action at that time.

    Links with scheduled assessment processes

    A risk assessment is one input to inform the scope of evidence required in renewal of registration or course accreditation processes.

    If a provider is evaluated as low risk overall in relation to Risk to Students and Risk to Financial Position (and satisfies other criteria), then the application and assessment process focuses on reduced core evidence requirements. If a provider is evaluated as presenting a high or moderate risk overall in relation to Risk to Students and/or Risk to Financial Position, then the scope of the assessment process may be expanded. In exceptional circumstances, an expansion may be considered necessary where a provider is evaluated as low risk overall, but a significant trend or specific issue is identified. TEQSA will determine the scope and discuss requirements with the providers.

    Further information about TEQSA’s approach to tailored renewal of registration and course accreditation processes is available on the TEQSA website.

    It should be noted that, as scheduled assessment processes are more in-depth and consider wider evidence, it is possible for a scheduled assessment to identify compliance issues that had not previously been identified as potential risks in a TEQSA risk assessment.

    Administration

    Privacy and confidentiality

    Given the potential sensitivity of risk assessments and associated documents, provider risk assessments are treated confidentially by TEQSA. Risk assessments and associated documents relating to individual providers are not publically released by TEQSA or shared with other providers. Similarly, a TEQSA risk assessment is to be treated confidentially by the provider, noting that the provider may not publish a risk assessment or make it available to any person other than those employed by the provider. TEQSA may share risk assessments with other government agencies (refer to ‘Information Sharing’).

    While TEQSA has certain statutory obligations of confidentiality, pursuant to Division 2 of Part 10 of the TEQSA Act, providers should note that TEQSA also operates within a public accountability framework. This includes obligations:

    • to provide information to Ministers, the Parliament or Parliamentary Committees
    • under the Freedom of Information Act 1982, the Auditor-General Act 1997, and the Ombudsman Act 1976
    • to provide reasons for TEQSA’s decisions, or details about TEQSA’s activities, including in the context of court or tribunal proceedings.

    If TEQSA receives a request to provide an applicant’s confidential information, TEQSA will endeavour to consult the applicant, and to provide the applicant with an opportunity to make submissions on whether TEQSA should release the information. However, in certain cases this course of action may not be possible.

    Freedom of information

    TEQSA is subject to the Freedom of Information Act 1982 (the FOI Act). TEQSA will respond to requests for access in accordance with the requirements of the FOI Act.

    Further details on freedom of information

    Information sharing 

    A key function of TEQSA’s establishment as the national higher education quality assurance agency includes disseminating information about higher education providers and their awards. This function is specified in paragraph 134 (1) (e) of the TEQSA Act, which notes that TEQSA may collect, analyse, interpret and disseminate information relating to higher education providers, regulated higher education awards and for quality assurance practice and improvement in higher education.

    To provide a broad overview on risks in the higher education sector and to share information on good practices, TEQSA may publish high-level sector analyses. Any analysis that is published will be at a high level only and will not contain any provider level risk information. Information on risks in the sector and good practices may also be shared through information sheets on TEQSA’s website and presentations at TEQSA provider roundtables.

    TEQSA may share risk assessments, or components of risk assessments, with other Commonwealth agencies (e.g. Australian Skills Quality Authority and the Department of Education and Training) where there is an established need and where it reduces the reporting or compliance burden on providers. Any sharing of risk assessments with other Commonwealth agencies will be established under appropriate arrangements (eg Memoranda of Understanding or Information Sharing Protocols) with the relevant agency.

    In considering any requests to share risk assessments or their components, TEQSA will give due regard to all confidentiality provisions through which the agency obtained this information from a provider. This means that risk assessments would not contain identifying personal information on individual members of organisations, their staff or students.

    Appendix 1 and 2

     

    1 National Code of Practice for Registration Authorities and Providers of Education and Training to Overseas Students 2018.

    Subtitle
    Version 2.4
    Stakeholder
    Publication type

    Documents

    tom.hewitt-mcmanus

  • Gen AI strategies for research training: Emerging practice

    Body

    In June 2024, TEQSA issued a request for information to all Australian higher education providers. This request asked for a credible institutional action plan addressing the risk generative artificial intelligence (gen AI) poses to award integrity.

    Drawing on the information received, TEQSA has developed 2 resources. The first Gen AI strategies for Australian higher education: Emerging practice was published in November 2024.

    Gen AI strategies for research training: Emerging practice is the second resource developed from TEQSA’s analysis of the information received and focuses on research training. This toolkit includes 4 sections:

    • Induction, guidance and training
    • Research process
    • Assessment and thesis examination
    • Publications and grant applications.

    Each section can be read individually, in any order, or in conjunction with the broader toolkit. It seeks to share ideas and experiences to support institutions in effectively and ethically integrating gen AI into research training, while also managing the risks these evolving technologies pose to academic integrity.

    Gen AI strategies for research training: Emerging practice  (PDF, 4.1 MB)

    Stakeholder
    Publication type

    Related links

  • Gen AI strategies for research training

    TEQSA has published a companion toolkit to Gen AI strategies for Australian higher education: Emerging practice.

    The new toolkit - Gen AI strategies for research training: Emerging practice - focuses on research training and, like its companion, draws on the analysis of the request for information which TEQSA issued to all higher education providers in 2024.

    This second resource includes 4 sections:

    • Induction, guidance and training
    • Research process
    • Assessment and thesis examination
    • Publications and grant applications.

    Each section can be read individually, in any order, or in conjunction with the broader toolkit.

    The toolkit looks to share ideas and experiences to support institutions in effectively and ethically integrating gen AI into research training, while also managing the risks these evolving technologies pose to academic integrity.

    Date
    Last updated:
    Featured image