Risk Management Process

Risk Identification

The purpose of risk identification is to find, recognize, and describe risks (uncertainties) that might help or deter the University in achieving its objectives. We categorize risks into five main categories:

• Reputational - How are we protecting the University’s brand and reputation?
• Strategic - How are we meeting the University’s strategic and long-term goals
• Operational - How can we provide superior service to the students we serve?
• Financial - How can minimize costs and maximize our return on investments
• Compliance - How can we ensure we meet legal and regulatory requirements?

Risk Analysis & Evaluation

The purpose of risk analysis and evaluation is to understand the nature and characteristics of the risk, in order to support decisions about additional action that may be required. 

Risk Treatment

The purpose of risk treatment is to select and implement options for addressing the risk, and balancing achievement of objectives and costs, effort or other potential disadvantages.

Risk Monitoring

The purpose of monitoring and review is to assure and improve the quality and effectiveness of the risk management process’ design, implementation and outcomes. The results of monitoring is incorporated throughout the university’s performance management and reporting activities.

Risk Communication

Throughout the risk management process, communication is the most important component. Open discourse between colleagues, administration, students and ERM is what allows the university to identify, analyze, mitigate and monitor the risks.