Board of Regents Policy Manual

Official Policies of the 性视界APP

7.11 Risk Management

Proper management of risk is a core leadership function that must be practiced throughout the 性视界APP (USG). Enterprise Risk Management (ERM) is a process-driven tool that enables management to visualize, assess, and manage major risks that may adversely impact the attainment of key organization objectives. The University System Office and USG institution presidents are responsible for identifying, assessing, and managing risks using the ERM process. The Chancellor shall designate an individual with overall responsibility for the USG risk management program.

7.11.1 Definition of Risk

鈥淩isk鈥 refers to the probability of an event and potential consequences to an organization associated with that event鈥檚 occurrence. Risk is inherent to any activity and it is neither possible nor advantageous to entirely eliminate risk from an activity without ceasing that activity.

Risks are defined broadly, are not limited to traditional risks, but also include:

1 Strategic Risks, which affect the ability to carry out goals and objectives as articulated in the USG Strategic Plan and institution strategic plans;
2. Compliance Risks, which affect compliance with laws and regulations and student, faculty, and staff safety, environmental issues, litigation, conflicts of interest, and related matters;
3. Reputational Risks, which affect reputation, public perception, political issues, and related matters;
4. Financial Risks, which affect loss of or ability to acquire assets, technology, and related matters; and,
5. Operational Risks, which affect on-going management processes and procedures.


7.11.2 Management of Risk

Management of risk within the USG is fundamentally a leadership responsibility. The Board of Regents and the Chancellor will define the USG鈥檚 ability (risk tolerance) and willingness (risk appetite) to absorb the impact of certain risks. The Chancellor, through senior staff and institutional presidents, shall ensure that USG risks are effectively managed; each institution president performs a similar role within his or her institution.

Certain institutional risks rise to a level such that the institution President shall make the Chancellor and the appropriate System Office department aware of the risk. Acceptance of those risks are at the discretion of the Board and the Chancellor. Risks rising to this level includes those where the combination of an event鈥檚 probability and the potential consequences is likely to:

  1. Impair the achievement of a USG strategic goal or objective;
  2. Result in substantial financial costs either in excess of the impacted institution鈥檚 ability to pay or in an amount that may jeopardize the institution鈥檚 core mission;
  3. Create significant damage to an institution鈥檚 reputation or damage to the USG鈥檚 reputation; or,
  4. Require intervention in institutional or USG operations by the Board of Regents or an external body.

Some level of risk is not only expected in normal everyday activities but can be beneficial. However, acceptance of risk shall not include:

  1. Willful exposure of students, employees, or others to unsafe environments or activities;
  2. Intentional violation of federal, state, or local laws;
  3. Willful violation of contractual obligations; or,
  4. Unethical behavior.

7.11.3 Institution Implementation of Risk Management Procedures

An institution-wide approach to risk management shall be adopted by all USG institutions and embedded into the institution鈥檚 management systems and processes. All risk management efforts shall be focused on supporting the institution鈥檚 objectives. Each institution President shall develop a campus risk management framework and associated procedures that include:

  1. Formal and ongoing identification of risks that impact the institution鈥檚 goals;
  2. Development of risk management plans;
  3. Monitoring the progress of managing risks;
  4. Periodic updates of risk management plans; and,
  5. Reporting of risks so that significant risks are reported to the Chancellor and appropriate System Office Department.

Each USG institution President shall designate in writing a Risk Management Policy coordinator to assist campus administrators in maintaining the campus risk management framework and procedures. The Risk Management Policy coordinator shall have sufficient authority to ensure high-level management of the institution鈥檚 risk management efforts.

At the System level, the Chancellor shall designate an employee or employees to oversee implementation of the Risk Management Policy across the USG and assist University System Office administrators in maintaining the USO risk management framework and procedures. The Committee on Internal Audit, Risk and Compliance shall provide oversight to implementation of the Risk Management Policy and review major risks on behalf of the Board of Regents.

Institution risk management framework and procedures shall be reviewed annually. Periodic reviews for compliance with the system wide guidelines shall also be conducted by internal audit or a similar accountability function. Additional procedures for risk management policy reporting and implementation shall be established in a System-level procedures manual.


↑ Top