Enterprise Risk Management
In 2009, the University adopted an Enterprise Risk Management (ERM) framework to support strategic and operational decision-making. The Office of ERM has been leading the implementation and works with the Executive Team and with academic and administrative units across the University to facilitate the identification of risks and assist with the development of relevant risk mitigation strategies.
UBC’s Definition of Risk:
UBC defines risk as the possibility that an event, action or inaction could adversely affect the University’s ability to achieve its objectives and successfully execute its strategies. Types of risks can include:
- Academic: faculty, students, research
- Reputational: rankings, service
- Operational: processes, systems, staff
- Hazard: natural and other disasters
- Strategic: barriers to achieving strategic goals
ERM Framework at UBC:
The ERM initiative is directed by the University’s Board of Governors - Audit Committee and is sponsored and guided by the ERM Steering Committee, comprised of executive and senior members: Provost & VP Academic, Deputy Vice Chancellor and Principal, VP Finance, Resources and Operations, VP Students, VP Human Resources and the Director Internal Audit.
ERM objectives and benefits include:
- Management tool for faculties and administrative units to identify key areas of risk and prioritize resource allocation;
- Identify dependencies and key areas where coordination with other faculties / administrative units is required;
- Development of an on-going comprehensive risk database using a consistent methodology across all campuses of the University;
- Provide feedback and reporting to the Executive Team and the Board of Governors regarding high risks facing individual faculties / units;
- Coordination with Internal Audit, Privacy, Information Security and other Risk Management Services (e.g. Continuity Planning, Insurance, Health and Safety);
- ERM is a best practice and is quite common in other universities.
- B.C. Government Ministry of Finance Enterprise Risk Management
- Risk Management Society (RIMS)
- International Organization for Standardization (ISO) 31000 – Risk Management
For more information, please contact us:
Director, Enterprise Risk Management & Continuity Planning
Senior Analyst, Enterprise Risk Management