Supplemental Information Print this PDF

Name: Enterprise Risk Management Policy
Responsible Office: Business Office & General Counsel

Applies to: (examples; Faculty,Staff, Students, etc)

Faculty , Staff

Policy Overview:

Issued: 11-01-2016
Next Review Date: 04-02-2022
Frequency of Reviews: Every 2 years

This policy establishes a framework to identify, communicate, rate, and prioritize risks across the entire organization.

This policy applies to all members of the President’s Staff and employees assigned to or delegated responsibility for managing specific compliance or enterprise risks.


Annual Enterprise Risk Management Plan:  A comprehensive report that identifies and prioritizes enterprise risks and risk management plans.

Enterprise Risk Management:  A continuous, proactive and systematic process to understand, manage, and communicate risk from an organization-wide perspective.  It is about making strategic decisions that contribute to the achievement of the College’s overall mission and objectives.

Enterprise Risk Management Committee:  A committee consisting of the Vice President and Chief Financial Officer, the Associate Vice President of Operations, and the General Counsel/Chief Compliance Officer that is responsible for implementation of the College’s Enterprise Risk Management Policy and program.

Risk:  The effect of uncertainty on objectives expressed as the likelihood and impact of an event with the potential to affect the achievement of the College’s objectives.

Risk Owners:  College personnel who are assigned primary operational responsibility for management of specific risks.

Risk Tolerance:  The amount of risk, on a broad level, that the College is willing to accept in pursuit of its mission and strategic objectives.


The College will conduct an annual assessment to identify, understand and effectively manage key risks, consistent with the College’s Risk Tolerance.  This will allow the College to support the responsible assumption of risk in pursuit of the College’s mission and strategic objectives.  An Annual Risk Management Plan will be developed by the Enterprise Risk Management Committee to manage Risks including operational and communication protocols in the event of an adverse occurrence.  Accountability for managing Risks will be achieved by assigning Risks to President’s Staff Members and Risk Owners, and through reporting to the President and the Audit Committee of the Board of Trustees.


Risk Assessment

Each year the Enterprise Risk Management Committee (ERMC) will coordinate the identification and evaluation of Risks with the President’s Staff by using established guidelines.

Rating and Prioritization of Risks

The President’s staff and Risk Owners will be asked to evaluate the “Likelihood” and “Impact” of each risk using the criteria approved by the Enterprise Risk Management Committee.  For each risk identified, the ERMC will oversee the development of risk mitigation plans to manage the current and desired level of risk. 

Monitoring and Reporting

Each year the ERMC will prepare an Annual Enterprise Risk Management Report for the President’s approval that includes a summary of the Risks and Risk Management Plans for each President Staff member’s area.  This report will be updated annually or whenever a significant, new Risk is identified.  The ERMC will monitor Risks by obtaining an annual status update from the President’s Staff prior to the commencement of the annual budget cycle.  The ERMC, the President, and the President’s Staff will develop an ERM scorecard to monitor the risks identified in the Annual Enterprise Risk Management Plan.  The President or his designee will take appropriate steps to inform the Audit Committee of the Board of Trustees of the Annual Enterprise Risk Management Report.


ERMC:  The ERMC is responsible for coordinating and overseeing the activities required under the Enterprise Risk Management Policy.

General Counsel/Chief Compliance Officer:  The General Counsel/Chief Compliance Officer will serve as the Chair of the Enterprise Risk Management Committee and provide legal advice, education, and training.

President’s Staff:  Each member of the President’s Staff is tasked with overseeing their respective areas to effectively manage Riskand administer this policy.  Additionally, each President’s Staff member, Risk Owner,  and designated personnel will be charged with initiating required education and training with respect to particular risks identified for their areas of responsibility. 

President:  The President oversees the ERMC and has ultimate responsibility for prioritization of risks, assignment of resources, determining Risk Tolerance, and communicating information regarding the College’s Annual Enterprise Risk Management Report and program to the Board of Trustees.

Risk Owners:  Individuals identified will be assigned critical Risk management responsibilities. President's Staff memebers are primarily responsible for enterprise risk management administration for their respective areas.


Policy Contacts:


Contact Information

 Vice President Finance & CFO


Kenneth Fleischmann, JD, General Counsel

Supplemental Information: