A printable version of the ERM Policy [pdf] is available.

In accordance with the ISO 31000 standard, the University maintains an ERM policy.  The policy provides direction for ERM implementation, lends credibility to the program and demonstrates the University’s commitment to the ERM process.

A robust reporting structure provides a sound backbone for the ERM program through representation of key risk owners in the identification, evaluation and control of risks arising from University activities.

View the Org Chart [pdf]

View the Responsibility Matrix [pdf]

The ERM Executive Oversight committee provides a top-down approach in identifying significant risks to the organization. The oversight committee reviews risk data submitted by the senior committees/individual risk areas and amends the risk data based on their experience and expertise. Members of the oversight committee include senior University leadership and representation from other University offices and programs.

The ERM senior committees and individual risk areas take a bottom-up approach in identifying strategic, operational, hazard, financial and reputational risks. Identified risks are reported to senior level committees which review, consolidate and select specific risks for more detailed reporting to the Executive Oversight committee.

This top-down and bottom-up approach promotes a collaborative, cohesive and robust ERM process. Increased collaboration improves the University’s risk management culture, provides a comprehensive view of risks, enhances the identification of risks and allows risk prioritization.

The University has established a documented process to determine which risks are most significant, identify controls and monitor risks. Get details about the ERM process pathway below.

View the Process Flowchart [pdf]