Services
Enterprise Risk Management
Enterprise Risk Management (ERM) aims to build collaborative relationships across the University to evaluate and manage risk.
ERM integrates with strategy and performance. This allows us to implement a focused, systematic approach to addressing risk and identifying opportunities involving our:
- Strategic plan
- Performance-based funding metrics
- Pre-imminence metrics
- U.S. National News and World Report rankings
Purpose
The purpose of our Enterprise-Wide Risk Assessment is to:
- Identify risks to the achievement of goals and objectives
- Measure the significance of each identified risk
- Determine the most appropriate business response to each risk
- Evaluate and report on how well the chosen responses are carried out
Managing risk is part of all activities associated with the University, and affects every department, unit and person. In that way, we consider everyone a Risk Manager!
leadership commitment
Managing risk is an integral part of governance and assists the Universtiy in setting strategy, achieving objectives and making informed decisions.
process
Enterprise Risk Management (ERM) is a cyclical process that involves three major steps to include:
- Formally identify institutional risks across all areas to uncover root causes or risks
- Use established scale to consistently prioritize risks
Formally report on current risks and risk management initiatives
Develop mitigation plans and hold risk owners accountable
Types of Risk
The purpose of risk identification is to find, recognize, and describe risks (uncertainties) that might help or deter the University in achieving its objectives. We categorize risks into five main types. For more details about the types of risks that fall into these main categories, please consult our Risk Dictionary, which is based on the Associaton of College and University Auditors (ACUA) Risk Dictionary.
Risks impacting compliance with legal, regulatory, contractual, policy, accreditation, NCAA, and other requirements. E.g. compliance with laws and regulations, conflict of interest.
Risks impacting resources, financial structure, ability to meet future financial needs, and financial reporting. E.g. financial reporting, fraud, them, and embezzlement.
Risks impacting continuity of activities, safety and security, IT operations, physical infrastructure, process efficiency, and program effectiveness. E.g. personnel issues or workplace violence.
Risks impacting our public image, brand, external opinions, prominence, and standing of our University. E.g. public image, emerging issues.
Risks impacting our constituent relationships, ability to generate funds, and goal achievement. E.g. new programs and delivery models, funding availability.
Resources
- Risk Committee Charge Letter
- Risk Assessment Training
- Risk Assessment Survey
- Printable Survey
- Risk Dictionary
Contact us
- Kiara Guzzo
- Email: EnterpriseRisk@usf.edu