Enterprise Risk Management
Enterprise Risk Management (ERM) is a structured, consistent and continuous process across the whole organization for identifying, assessing, deciding on response to, and reporting on threats and opportunities that affect the achievement of its objectives.” - From the Institute of Internal Auditors (IIA).
Enterprise Risk Management is designed to measure an institution's achievement of four primary objectives:
- Strategic - high-level goals, aligned with and supporting its mission
- Operations - effective and efficient use of its resources
- Reporting - reliability of financial and regulatory reporting
- Compliance - compliance with applicable laws and regulations
Why is ERM relevant in the higher education environment?
Like organizations within the private sector, Virginia State University operates in an inherently risky environment. Risks can include financial risk, operating risk, strategic risk, regulatory risk, environmental risk, and political risk among others. Managing this range of risks is especially important to help ensure the university can continue to serve the university's faculty, staff, students and the citizens of the Commonwealth of Virginia. Strategically managing risk can reduce the chance of loss, create greater financial stability, and protect resources to enable the University to continue our mission of “Building a Better World”.
Links to information on enterprise Risk Management (ERM)
- The State of Enterprise Risk Management at Colleges and Universities Today, published by the Association of Governing Boards of Universities and Colleges (AGB) and United Educators (UE)
- The Seven Deadly Sins of Enterprise Risk Management and How to Avoid Them, published by Control Solutions
- Road to Implementation-ERM for Colleges and Universities, published by Arthur J. Gallagher Risk Management Services, Inc.
- ERM in Higher Education, published by University Risk Management and Insurance Association
- Concepts of Strategic Risk and Managing Strategic Risk