Mission Statement

The ERM program is designed to provide the Board of Trustees and President meaningful and actionable strategic intelligence with a pragmatic focus on optimizing decision making, institutional success, and resource allocation.
ERM Framework

ERM is a holistic and disciplined process to identify, assess, respond to, and report on key risks and opportunities with the objective of advancing the institution’s strategic goals. ERM is a continuous cycle, revolving around a risk-aware culture and sound risk management governance. Every Ithaca College faculty, staff, and student is a steward of the College and has the responsibility to identify and manage the risks associated with his/her activities. The ERM process involves:

  • Risk identification and assessment of risk(s).
  • Designate risk owners (those who have the expertise on the identified risk) and have ongoing communication.
  • Assess the impact the identified risk could have on the institution (likelihood/frequency).
  • Implement risk controls and mitigation plans to reduce the probability of a loss, but also focus on embracing opportunities and innovation.
  • Continuous monitoring and reporting to track the effectiveness of the risk mitigation treatment plan, and decide whether to accept, avoid, transfer, or mitigate the identified risk.
  • Acceptance (involves decision to sustain the ERM output, including comprehensiveness of the risk identification, adequacy and effectiveness of controls, and reporting, e.g., acceptance by EH&S, counsel, finance, etc.). Risk Management may play an acceptance role as well.

The Office of Risk Management & Insurance is always available to assist risk owners design and assign an appropriate set of metrics.

Enterprise Risk Management Committee Charter

Purpose
The Ithaca College Enterprise Risk Management (ERM) Committee is established to support the College in proactively identifying, assessing, mitigating, and monitoring risks that could impact the College’s ability to achieve its mission, strategic priorities, and long-term sustainability. The Committee provides leadership and oversight for the College’s risk management framework, ensuring that risks are appropriately managed at the institutional level.

Authority
The ERM Committee operates under the authority of the Vice President and Secretary to the Board and reports at least annually to the President’s Executive Council and the Board of Trustees. The Committee is empowered to:

  • Request information from any College office or function necessary to fulfill its responsibilities
  • Recommend policies, procedures, or practices to enhance Enterprise Risk Management

Mission
The ERM program is designed to provide the Board of Trustees and President meaningful and actionable strategic intelligence with a pragmatic focus on optimizing decision making, institutional success, and resource allocation. 

Enterprise Risk Management Process

  • Risk Identification and Risk Assessment
    • Assemble a comprehensive risk register of both risk threats and opportunities
    • Examine the likelihood and potential impact of all identified risks to the College
  • Align ERM Process to Strategic Goals
    • Ensure ERM processes maximize the achievement of College goals and objectives
  • Manage Risks
    • Assign risk to a risk owner (subject-matter expert)
    • Communicate with stakeholders
    • Focus on embracing opportunities and innovation
    • Implement risk treatment and mitigation plan for high risks scored as Significant or Elevated
    • Monitor the effectiveness of risk mitigation plans on a quarterly basis
    • Monitor and update the College’s risk register
  • Report on Risks
    • Ongoing communication with stakeholders and report on risk mitigation status
  • Review and Continuous Improvement
    • Risk management training and development for ERM Committee members and stakeholders 

ERM Committee Roles and Responsibilities

The ERM Committee will:

1. Risk Identification and Assessment:

  • Maintain a comprehensive inventory of institutional risks across strategic, financial, operational, 
    compliance, and reputational categories
  • Regularly assess likelihood and impact of risks
  • Identify emerging risks that may affect the College 

2. Risk Mitigation and Monitoring:

  • Oversee the development of risk mitigation strategies and assign responsibility for management
  • Monitor the effectiveness of risk controls to ensure progress and accountability
  • Recommend adjustments to risk tolerance levels where appropriate due to changing 
    circumstances 

3. Integration with Strategic Planning

  • Align risks with strategic initiatives and priorities
    • Ensure that identified risks are communicated appropriately for informed-decision making  

4. Communication & Reporting

  • Provide quarterly reports to the President’s Executive Council
  • Provide annual report to the Board of Trustees through the Audit Committee
  • Promote a culture of risk awareness and accountability across the College community
  • Share lessons learned from risk events and mitigation efforts 

5. Continuous Improvement

  • Review and refine the College's ERM framework annually
  • Benchmark practices against peer institutions where feasible
  • Establish effective and ongoing reporting and communication protocols to College stakeholders, 
    including vice presidents, to ensure dissemination of risk-related information.

Membership
The ERM Committee is a standing Committee and membership is appointed by the Vice President for Legal Affairs in consultation with the President.

Members will be appointed because of their leadership role(s) with the College and their unique familiarity with their area’s operational processes and risks. Therefore, appointments to the Committee may run indefinitely. Membership will encompass campus-wide representation from a broad range of direct mission and operational support areas. The Director of Risk Management & Insurance will serve as Chair. The Committee has no executive powers or supervisory functions. Rather, it will function in a review, recommendation, and advisory role to the President’s Executive Council and the Board of Trustees.

The Committee will be comprised of representatives from Academic Affairs, Athletics, Enrollment Management, Finance & Administration, Human Resources, Information Technology & Analytics, Legal Affairs, Marketing Communications/Public Relations, Risk Management, Student Affairs & Campus Life, and Title IX. Consultation with other stakeholders will occur on a regular basis as the Committee performs their work.

Meetings
The ERM Committee will meet quarterly or more frequently, if deemed necessary. Minutes from each meeting will be recorded by the Office of Risk Management and distributed to members. Non-Committee members may be invited periodically to attend meetings. Meetings will be called by the Chairperson.

Reporting

  • The Committee will submit a quarterly ERM Report to the President’s Executive Council, and an annual report to the Board of Trustees, summarizing key risks, mitigation strategies, and progress.
  • Significant emerging risks or urgent matters will be reported promptly outside of the regular reporting cycle. 

Charter Review
This Charter is subject to review by the ERM Committee every two years to ensure its alignment with the College’s strategic goals and objectives, including its continued relevance and effectiveness.