About Enterprise Risk Management
What is Enterprise Risk Management?
Enterprise Risk Management (ERM) is a discipline that attempts to manage all institutional risks. An institutional risk is defined by the International Standards Organization (“ISO”) under ISO 31000 as “any issue that impacts an organization’s ability to meet its objectives.” While this definition is intentionally broad, it should be noted that UC’s ERM program views “risk” as covering both adverse impacts and opportunities.
UC’s ERM program is spearheaded by the Chief Risk Officer and engages key leadership, as well as the UC Board of Trustees. It is important to note, however, that risk management works best when there is engagement at all levels of the university.
WHERE TO START...RISK ASSESSMENT
Risk assessment is simply a process to evaluate and prioritize risk. After all the potential risks are listed, each risk is scored against common criteria:
- Likelihood -- How likely is it that this will occur at UC?
- Impact -- How bad (or good) will it be if it does?
The Risk Assessment Template is available to any department/unit seeking to take a first step in better understanding and managing the risks affecting its area. Ideally, the university would utilize the same scoring system as indicated in the template, so that a common framework and language can be applied.
As illustrated in the graphic below, our team can provide consultation on any element of the risk management process, as well as for special projects.
Thanks to United Educators for recognizing our video in the "Pearls of Wisdom" contest! Do you have ideas on how we can innovate to build a risk aware culture? Tell us how now.