Enterprise Risk Management (ERM)


MISSION STATEMENT

The focus of the Enterprise Risk Management (ERM) program is to recognize and support the strategic goals of Ithaca College and promote a risk-aware culture. The ERM program works to identify and assess risks with stakeholders across campus to effectively manage those risks within the College’s policies, human resources, operations, physical assets, and finances. ERM embraces opportunities and innovation that may pose risks to the College.

ERM FRAMEWORK

ERM is a holistic and disciplined process to identify, assess, respond to and report on key risks and opportunities with the objective of advancing the institution’s strategic goals.

Enterprise Risk Management is a continuous cycle, revolving around a risk-aware culture and sound risk management governance. Every Ithaca College faculty, staff and student is a steward of the College and has the responsibility to identify and manage the risks associated with his/her activities. The ERM process involves:

  • Risk identification and assessment of a risk(s).
  • Designate risk owners (those who have the expertise on the identified risk) and have ongoing communication.
  • Assess the impact the identified risk could have on the institution (likelihood/frequency).
  • Implement risk controls and mitigation plan to reduce the probability of a loss, but also focus on embracing opportunities and innovation.
  • Continuous monitoring and reporting to track the effectiveness of the risk mitigation treatment plan, and decide whether to accept, avoid, transfer or mitigate the identified risk..
  • Acceptance (involves decision to sustain the ERM output, including comprehensiveness of the risk identification, adequacy and effectiveness of controls, and reporting, e.g., acceptance by EH&S, counsel, finance, etc.). Risk Management may play an acceptance role as well.

The Office of Risk Management & Insurance is always available to assist risk owners design and assign an appropriate set of metrics.

Download