Office of Risk Management

Enterprise Risk Management

ERM Goals and Objectives

Goals and Objectives for Accomplishing the Mission:

Goal #1: Integrate ERM into the culture and strategic decision making processes of the organization.

Objectives:

1-1. Develop common ERM terminology.

Measures of progress toward meeting the objective:

  • Has an ERM glossary been created?
  • To what extent have the words associated with risk been defined and communicated among key staff, such as the Core Working Group, institution participants, System president, and cabinet?

1-2. Raise awareness of the need for risk management.

Measures of progress toward meeting the objective:

  • Has the importance of accepting risk management responsibility been discussed among key staff?
  • Long term: Have employee orientations related to risk management been scheduled? Is an online self-assessment tool available for employees?

1-3. Establish continuous monitoring and communications processes.

Measures of progress toward meeting the objective:

  • Is an ongoing risk monitoring process in place?
  • Is monitoring assigned to specific individuals who also communicate the results of the monitoring activity to appropriate levels in the organization, such as the chancellor, or president?
  • Have formal communication mechanisms, such as a central web site or newsletter, been established? Is communication occurring on a regular basis?

Goal #2: Balance the cost of managing risk with the anticipated benefits.

Objectives:

2-1. Define the organization's overall risk appetite/tolerance, and establish associated materiality thresholds.

Measure of progress toward meeting the objective:

  • Have management discussions occurred, with decisions made, about how much risk the organization is willing to accept in key areas?

2-2. Document current procedures, controls, and risks.

Measure of progress toward meeting the objective:

  • Has systematic documentation of risks and controls occurred in all functional areas of the organization, such as academic, financial and human resources, or in major risk categories, such as reputational, operational or strategic?

2-3. Compare current risks to control efforts, as well as to the organization's risk appetite, to help identify priority risks.

Measure of progress toward meeting the objective:

  • Has the risk analysis resulted in the identification of the organization's top risks?

2-4. Assess the value of alternative risk management actions.

Measures of progress toward meeting the objective:

  • Have alternative risk management strategies been identified for all of the identified top risk areas?
  • Do strategies respond to changing social, environmental, and legislative conditions?

Goal #3: Manage risk in accordance with best practices, and demonstrate due diligence in decision making.

Objectives:

3-1. Assign responsibilities for risk management at the "lowest" levels of the organization.

Measures of progress toward meeting the objective:

  • Has responsibility for managing risks been assigned?
  • Are risk owners specifically assigned and accountable for remediation of identified and prioritized risks?
  • Have action/response plans for each selected risk been created and assigned?
  • Are actions taken tracked and reported?

3-2: Regard compliance with the law as a minimum standard.

Measure of progress toward meeting the objective:

  • Has compliance as a minimum standards, to be exceeded if possible, been communicated to those in the organization who track compliance?

3-3: Streamline risk-management-related practices.

Measure of progress toward meeting the objective:

  • Have any risk-management-related or other internal control measures/activities been identified for elimination?

3-4: Identify competitive opportunities.

Measures of progress toward meeting the objective:

  • Have benefits of assuming additional risk been identified?
  • Have competitive needs or reputation been discussed at a strategic level?

Goal #4: Use the pilot projects to develop a systemwide ERM implementation strategy.

Objectives:

4-1. Establish an organizational and communication structure for managing the pilots.

Measure of progress toward meeting the objective:

  • Is a structure in place to enhance planning efforts among the consultant, UW System Administration, and the pilot institutions?

4-2. Transfer knowledge from the consultants to UW System Administration staff.

Measure of progress toward meeting the objective:

  • Are UWSA staff well prepared to apply what was learned from pilot experiences to the next ERM phase?

4-3: Involve the UW System president and cabinet in ERM-related decisions.

Measure of progress toward meeting the objective:

  • Is a communication strategy in place for informing the president and cabinet of ERM progress and for seeking feedback, when appropriate?