CRITICAL CONTROL MANAGEMENT DIAGNOSTIC · AUSTRALIAN MINING INDUSTRY
Can you
prove your critical controls are identified, implemented & verified?
An independent, evidence-based diagnostic for company officers — board, CEO, CFO, COO.
From June 2026, Queensland became the first jurisdiction in the world to make critical control identification and management a legal duty for every coal mine, mine and quarry. The Critical Control Management Diagnostic was built to help Queensland officers meet that duty with evidence, not assumption. It is equally suited to any operator, in any jurisdiction, that wants independent proof its critical controls are genuine, effective, and meeting the standard now expected of the industry.
Delivered by Mineplex, the specialist mining safety and risk practice led by a former Site Senior Executive, powered by CaNeTA Intelligence, Libero AI's end-to-end AI causal risk intelligence solution.
WHY THIS MATTERS TO OFFICERS
The duty is personal, and the penalty does not wait for the company
Under s47A (coal) and s44A (mines and quarries), an officer of a corporation must exercise due diligence to ensure the corporation meets its critical control obligations. That duty reaches the board, the CEO, CFO and COO. The Site Senior Executive, and anyone reporting to the SSE, is carved out of this particular duty and carries direct obligations elsewhere. An officer can be convicted whether or not the corporation has been charged, and due diligence is something each officer must evidence personally — it cannot be delegated or assumed.
01 · THE LAW
A legislated duty, not guidance
Since 1 June 2026, a safety and health management system in every Queensland coal mine, mine and quarry must now identify critical controls. For Queensland coal mines, they must at least identify critical controls in their principal hazard management plans. For every mine and quarry, they must identify critical controls for their Material Unwanted Events.
These are substantial changes and the first time they have been included in legislation anywhere in the world.
02 · THE PRECEDENT
Personal liability is real
In March 2026 the High Court upheld the personal conviction of a chief executive for failing the officer due diligence duty under closely comparable legislation, after a workplace death, leaving a $130,000 fine and $60,000 costs order in place (Gibson v Maritime New Zealand [2026] NZHC 813). The finding was that he had not taken reasonable steps to assure himself of how the work was actually being done — a senior officer cannot assure themselves of safety from a distance.
03 · THE GAP
No prescribed method raises the bar
There is no regulation prescribing how to do critical control management, which lifts the bar. The defensible position runs through recognised good practice, the ICMM 2026 guide, and demonstrable diligence backed by evidence. ICMM updated its Critical Control Management Good Practice Guide in April 2026, and its own diagnosis is blunt: the gap is not knowledge, it is application.
THE TEST, IN THREE WORDS
Identified, implemented, verified
ICMM reduces good practice to three words, and the duty mirrors them. The shift in language is deliberate: from 'identify and document' to 'verify and act.' For an officer, that last word is where most boards are exposed.
IDENTIFIED
Credible MUEs and genuine critical controls
It starts before the controls, with the credible MUEs. The critical controls you then name must be genuine — intentional, hazard-specific, and verifiable in the field — not procedures relabelled as critical controls over the years. If a control depends on the worker being perfect on a bad day, it is hope dressed up as a control.
IMPLEMENTED
In place and working in the field
Forty years of human factors science says performance is situational and people drift to the easier path. Controls that rely on human performance can rarely meet the bar a true critical control requires. Most 'human controls' in a bow-tie are safeguards worth having, but not the primary line of defence against a fatality.
VERIFIED
Evidenced, not assumed
The verify limb, s47A(3)(f) and s44A(3)(f), is the hardest to fake. Receiving a safety report is not the same as having assurance. The officer's duty is to hold a reasonable basis for confidence — the kind you could defend if a regulator asked what you knew, what you tested, and what you relied on. Verification is where reassurance becomes assurance.
HOW IT WORKS
Two evidence engines that answer questions neither can answer alone
A risk register treats events as isolated line items and a bow-tie examines one scenario at a time, so neither shows how risks connect across the operation, or which control carries the most structural weight. Field inspection and documented assurance cannot reveal network structure; causal analysis cannot substitute for field evidence. The combination is the product. CaNeTA Intelligence accelerates and structures the analysis. Mineplex always owns the judgement.
FIELD & DOCUMENTED ASSURANCE · MINEPLEX
Are the right things called critical controls, and do they work on the ground?
Mineplex possesses deep knowledge of the mining industry in coal and metals, in Australia and internationally, including fulfilling statutory roles in the toughest legal precinct in the world – Queensland. Assessment runs against the binding legislation and the ICMM 2026 CCM Good Practice Guide (April 2026).
- Tests whether items called critical controls are genuine controls, not plans or procedures mislabelled
- Structured field verification of control implementation and effectiveness
- Interviews with officers, site leaders, control owners, and frontline crews
- Governance and accountability review, from the workface to the board
STRUCTURAL ASSURANCE · CaNeTA INTELLIGENCE BY LIBERO AI
Is the control set structurally sound, and is assurance aimed where it matters most?
CaNeTA Intelligence converts the data the mine already holds into a causal network, a connected map of how risk events trigger, propagate, and concentrate. It then applies the peer-reviewed CaNeTA methodology from UQ's Sustainable Minerals Institute.
- Maps every incident and high-potential incident into one causal network
- Ranks controls by structural load, so verification points where the network weight sits
- Surfaces single points of failure, sleeper risks, and failing-lucky patterns
- Produces reproducible network metrics as leading indicators and audit-ready evidence
Inside CaNeTA Intelligence
From raw, disparate data to prioritised, evidence-based insight
CaNeTA Intelligence is the end-to-end Libero AI solution. It runs across risk registers, bow-ties, broad-brush risk assessments, and incident data the mine already holds. No new data infrastructure or software implementation is required.
01 · Harness
Data preparation
Identification and preparation of the data sources already in the business.
02 · Transform
Causal linking
Purpose-built CaNeTA Intelligence AI, developed specifically for causal risk analysis, identifies how events connect and builds the causal chains across your data, always with human oversight.
03 · Model
Causal network modelling
UQ's peer-reviewed CaNeTA methodology applied to the prepared data, producing network visualisations of causal chains and associated statistical analysis providing a mathematically repeatable basis for determining control health
04 · Insights
Insights that meet the duty
Structurally critical controls, single points of failure, fatal pathways with no control assigned, and failing-lucky patterns, the evidence officers need to discharge the verify limb of the duty. These insights feed the CCM Diagnostic directly.
Naming clarity: CaNeTA is the peer-reviewed Causal Network Topology Analysis methodology developed at UQ, the analytical engine. CaNeTA Intelligence is the complete Libero AI solution built around it.
What you get
An officer can read the summary in two minutes, then evidence their own due diligence
The central deliverable is a written report addressed to officers, with a Red/Amber/Green rating against each limb of the duty, plus an in-person executive presentation for the board or leadership team.
OFFICER ASSURANCE SUMMARY
Your position at a glance
A R/A/G rating against each limb of the due diligence duty, readable before any methodology.
STRUCTURAL ASSURANCE
CaNeTA Intelligence findings
Whether verification and resources are aimed at the controls that hold the risk network together.
FIELD EFFECTIVENESS
Proof controls work
Evidence that critical controls are implemented and working on the ground, not just on paper.
GOVERNANCE
The board's information pipeline
Whether owners are appointed and discharging their roles, and what reaches the board.
MATURITY BASELINE
A position you can track
A rating against the ICMM 2026 CCM Maturity Model the board can improve over time.
GAP REGISTER & ROADMAP
Defensible evidence set
Gaps mapped limb by limb to the duty, with a prioritised roadmap and accountability owners.
Where does your assurance stand today?
Book a conversation with Mineplex and Libero AI. We will walk you through what the diagnostic covers, what data it needs, and how it gives each officer a defensible answer to a single question: can we prove it?