uncw institutional risk management n.
Skip this Video
Loading SlideShow in 5 Seconds..
UNCW Institutional Risk Management PowerPoint Presentation
Download Presentation
UNCW Institutional Risk Management

Loading in 2 Seconds...

play fullscreen
1 / 14

UNCW Institutional Risk Management - PowerPoint PPT Presentation

  • Uploaded on

UNCW Institutional Risk Management. IRM Overview and Policy Development & Implementation Plan Overview. IRM BOT Audit Committee Background.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'UNCW Institutional Risk Management' - dezso

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
uncw institutional risk management

UNCWInstitutional Risk Management

IRM Overview


Policy Development & Implementation Plan Overview

irm bot audit committee background
IRM BOT Audit Committee Background

Institutional Risk Management Presentations to the UNCW Board of Trustees Audit Committee began April 2011 with overview of process and identified risk areas.

Tier 1 Risk Areas with scores (impact, likelihood of occurrence) and heat map presented April 2012.

Interim Report – October 2012

Tier 1 Response Plan – April 2013 – Presented refined risk statements, indicators, mitigations and next steps for Tier 1 Risk Areas with High Rating

irm objectives
IRM Objectives

The ultimate goal of Institutional Risk Management (IRM) is to help the organization achieve its objectives by identifying, evaluating, prioritizing and managing institutional risks that might endanger the university’s mission and reputation.

No federal, state or UNC requirement to have a comprehensive, systematic process for risk identification and management currently exists.

The Association of Governing Boards (AGB) of Universities and Colleges conducted a joint survey with United Educators in 2008. Survey findings found that higher education was lagging behind in this important fiduciary responsibility (60 percent said they do not use comprehensive, strategic risk assessment). Action steps were recommended.

irm best practice action steps
IRM Best Practice Action Steps
  • Develop a disciplined process to consider risk in strategic discussions.
  • Designate an owner of the risk identification process.
  • Require all top administrators to prioritize risk.
  • Sift through the prioritized risks to decide which ones warrant attention at the highest level.
  • Require annual written reports on each high-priority risk being monitored.
  • Re-assess priority risks at the board level at least once a year.
  • Look for blind spots.
  • Move risk identification deeper into the institution each year.
  • Keep repeating the process.

C 2009 Association of Governing Boards of Universities and Colleges, United Educators

C 2009 Association of Governing Boards of University and Colleges, United Educators

uncw s central process tenants
UNCW’s Central Process Tenants

Institutional Risk Management (IRM) processes are holistic, flexible and under continuous refinement.

The six types of risks move beyond the traditional focus on financial risks covered by insurance. Risks are broadly defined to represent any impediment to accomplishing institutional goals.

The Tier I risk areas, though broad, are regularly analyzed to ensure a relevant and sufficiently narrow focus exists for each. The figure below illustrates other important IRM process components.

uncw risk tier overview
UNCW Risk Tier Overview

Tier I – Top Tier Risk Areas containing risks with potential to affect the university’s mission, strategies, and goals

Tier II – Shared risks across multiple areas or single area risks with cascading impacts

Tier III - Unit or single area risks which are largely identified and managed at the department level

Tier I

Tier II

Tier III

tier i risk profile
Tier I Risk Profile

The Tier I Profile is currently comprised of nine risk areas, each possessing a mission critical nature and risks with higher than average potential impacts. For these reasons, their proper management is considered to be of greatest institutional priority. The top five are all rated “High Risk” and fall within the orange area outlined in bold on theRisk Matrix. Repeating the

steps of analysis and

evaluation for April report.

Tier I High Risk Areas

1. Volatile Essential Resources

2. Regulatory Intervention

3. Human Capital Management

4.Campus Health and Safety

5. Continuity of Operations








Almost Certain

Almost Certain




selected tier ii risk areas
Selected Tier II Risk Areas

Tier II –

Shared risks across multiple areas

Single area risks with cascading impacts

-- Often involve continuous monitoring

-- In various stages of analysis, evaluation, and treatment

tier iii unit risk assessment
Tier III - Unit Risk Assessment

Unit level risk assessments aid in the identification, evaluation and prioritization of risks.

The process also aids in developing front line managers’ risk awareness, risk evaluation, and risk mitigation skills.

60 units have completed a unit risk assessment. Further refinement of unit risk assessments planned for 2013-14.

process maturation


Policy Development & Implementation Plan

policy development implementation plan
Policy Development & Implementation Plan

In order to facilitate a more disciplined process and move risk identification deeper into the institution, a risk management policy is needed.

Policy Purpose:Serves as a statement of the overall UNCW risk management goals and focus. It is intended to help ensure a consistent approach throughout the university.

Policy Scope:Managed with procedures and tools consistent with industry best practices, including (but not limited to) the International Organization of Standardization’s ISO 31000: Risk Management Principles and Guidelines, and the Committee of Sponsoring Organizations of The Treadway Commission’s (COSO) Enterprise Risk Management Framework

policy development implementation plan1
Policy Development & Implementation Plan
  • Research best practices
  • Present draft policy to IRM Steering Committee and IRM Committee
  • Create list of constituent groups, ensuring inclusion of Academic Coordinating Council, Faculty Senate, Staff Senate, Student Government, Chancellor committees and selected units
  • Conduct workshops to introduce policy and seek feedback
  • Submit proposed edits to IRM Steering Committee
  • Submit policy for legal sufficiency review
  • Propose final policy to Cabinet, followed by the Chancellor for approval with Chancellor Authority
  • Present to April 2014 meeting of the Audit Committee of Board of Trustees
policy development implementation plan2
Policy Development & Implementation Plan

Communication Campaign to parallel training and support. Communication campaign to cover unit risks assessments, as well as education and outreach on topics of compliance, continuity of operations, fraud and corruption, insurance, and memorandums of agreement.

Policy Development and Implementation Plan is congruent with best practice research and AGB Recommended Action Steps:

Develop a disciplined process.

Move risk identification deeper into the institution each year.

Keep repeating the process.