Enterprise Risk Management

Category: Governance
Number: GOV-080-005
Audience: All University employees
Issued: July 04, 2012
Owner(s): Executive Director (University Governance)
Approved by: Board of Governors
Contact: Coordinator, Enterprise Risk Management 306-337-3127

Introduction

This policy applies to all University of Regina members. The University of Regina is committed to establishing an institution that ensures risk management is an integral part of all university activities and a core capability.

The University’s enterprise risk management (ERM) process is designed to:

  • identify potential events and trends (risks) that may significantly affect the University’s ability to achieve its strategic goals or maintain its operations, positively or negatively, and
  • assess those risks against the University’s level of risk tolerance to provide reasonable assurance that the University’s objectives will be achieved.

The University’s objectives for the enterprise risk management include:

  • integrating risk management into the culture and strategic decision-making of the University,
  • anticipating and responding to changing social, environmental and legislative conditions,
  • managing risk according to best practice and demonstrating due diligence in decision making,
  • regarding legal compliance as a minimum standard,
  • balancing the cost of managing risk with the anticipated benefits, and
  • raising awareness of the need for risk management.

Definitions

Policy

The University’s methodology for risk management is shown on the Enterprise Risk Management Framework and is simply a flow chart expression of the risk management activities.  The process is continuous and should be applied at both the University (enterprise) level or at an individual academic and administrative unit level. The Enterprise Risk Management Framework also documents the roles and responsibilities of the various stakeholders. Further, the University provides appropriate training and resources to University members to manage risk.

  • The University’s principles for managing risk are:
  • The Board of Governors and University Executive oversee risk management within the University.
  • The Board of Governors and University Executive adopt an open and receptive approach to solving risk problems.
  • The University Executive supports, advises on, and implement policies approved by the Board of Governors.
  • The University Executive makes conservative and prudent recognition and disclosure of the financial and non-financial implications of risks and opportunities.
  • Deans, associate vice-presidents, directors, and department heads encourage good risk management practices within their units.
  • Key risk indicators are identified and monitored on a regular basis.


Roles and Responsibilities


All staff members of the University are responsible for the effective management of risk including the identification of potential risks. Management (both administrative and academic) is responsible for the development of risk management processes and the implementation of risk reduction strategies. Risk management processes will be integrated into existing departmental planning processes and management activities.


Coordinator, Enterprise Risk Management

The Coordinator, Enterprise Risk Management:

  • oversees and maintains the ERM Framework,
  • annually facilitates and coordinates the process of identifying, reviewing, and ranking risks,
  • develops a risk register for the University
  • assigns, tracks, and monitors risks in the University’s risk register,
  • facilitates action in those areas where improvements are required, and
  • reports the status of risks to the University’s Executive and the Board’s Audit and Risk Management Committee.


Deans, Associate Vice-Presidents, Directors, and Department Heads

Deans, associate vice-presidents, directors, and department heads are accountable for implementation of this policy within their respective areas of responsibility. They:

  • incorporate risk management into their departmental/unit planning processes and management activities,
  • actively participate in the risk assessment process, and
  • report on the status of items in the risk register as required when it has an impact on their respective responsibilities as part of the annual planning or review cycle.


University Executive Team

Members of the University’s Executive Team are accountable for strategic risk management in the areas under their control, including the delegation of the risk management process to deans, associate vice-presidents, directors, and department heads.

Collectively, the senior executive team is responsible for:

  • formal identification of strategic risks that have an impact on the University’s goals,
  • determination of priorities,
  • development of strategic risk management plans,
  • monitoring progress in managing risk, and,
  • progress review of the strategic risk management plan.


Audit and Risk Management Committee

The Audit and Risk Management Committee is accountable for ERM as defined in its terms of reference (60 KB) pdf.

Consequences for Noncompliance

Failure to comply with this policy may affect the University and/or academic and administrative unit from achieving its strategic and operational objective.

Processes

Refer to the University’s Enterprise Risk Management Framework (76 KB) pdf.

Related Information