Enterprise Risk Management (ERM) is a continuous business process, led by senior leadership, that extends the concepts of risk management and includes:
– Identifying risks across the entire institution;
– Assessing the impact of risks to the operations and mission;
– Developing and implementing response or mitigation plans; and
– Monitoring the identified risks, holding the risk owner accountable, and consistently scanning for emerging risks.
Adopted From: Risk Management – An Accountability Guide for University and College Boards. 2013 Association of Governing Boards of Universities and Colleges
The Objectives of ERM Include:
– Identifying and assessing a broad array of risks that could impact the achievement of institutional goals and objectives
– Ensuring appropriate ownership and accountability of risks
– Developing and implementing appropriate risk mitigation and monitoring plans by risk owners
– Establishing a program structure that engages functional leaders across the campus to identify and prioritize risks
– Providing senior leadership with key information to make risk-informed decisions and to effectively allocate resources