Risk Management

Objective 5:  Adopt an enterprise risk management mindset by assessing emerging risks, measuring risk appetite, and developing mitigation activities. 

Strategy 5.1

Sustain and expand the current divisional Enterprise Risk Management process.

Tactics:

  • 5.1a - Continue the ongoing Enterprise Risk Management process for Finance and Administration following-up semi-annually on status of mitigation plans and maintaining the risk register and providing updates.
  • 5.1b - Pilot the Enterprise Risk Management process with the Divisions of Information Technology and Human Resources and assess results.
  • 5.1c - Develop consensus regarding the importance of Enterprise Risk Management across all divisions.
Strategy 5.2

Align the Annual Internal Audit Plan with critical business processes to provide operational assurance and identify opportunities for improvement.

Tactics:

  • 5.2a - Develop the Annual Internal Audit Plan using a risk-based approach with a focus value-added recommendation for continuous improvement.
  • 5.2b - Incorporate the results of the Enterprise Risk Management process into the planning process.
Strategy 5.3

Promote a culture of continuous process improvement that emphasizes automation, loss prevention, risk reduction, and strengthening of internal controls.

Tactics:

  • 5.3a - Provide value-added audit recommendations for continuous process improvement that deliver effectiveness, efficiency, and mitigate risk.
  • 5.2b - Continue and expand the tracking and monitoring process of open audit. recommendations to ensure management responses and improvements have been implemented.
  • 5.3c - Optimize the cost and parameters of the university’s property and casualty coverages.
Sample Metrics
  • Number of divisions included in the Enterprise Risk Management process
  • Number of prioritized risks identified with developed mitigation plans
  • Number of mitigation plans implemented