Institutions of higher education face a number of challenges in today’s highly competitive business and social climate: reputational risk, obsolescence, tuition revenue dependence, campus crises, cyber-attacks. I could go on, but you get the idea. If your institution is sophisticated in risk management, you probably have a process in place to compile these issues, among others, into a risk inventory. But are you really getting the most out of your process? Is it effective and efficient?
Institutions should periodically conduct reviews of enterprise risk management (ERM) processes to determine if the right personnel and systems are in place to effectively identify and manage risks. Internal Audit can be a great resource, but if that’s not currently an option, here are some questions that will get the ball rolling:
Does our system support current risk evaluation and reporting processes? Are we even using an ERM system?
Do we have all of the right people involved in the process? Is our ERM leadership appropriate and effective?
Are our identified risks consistently ranked across departments, divisions, etc.?
Are we considering new/emerging risks? If so, are those risks identified in a timely manner?
Are we challenging identified risks?
Are we communicating identified risks to the right individuals?
Does our ERM process allow us to seize new opportunities?
Are we performing a significant portion of the process manually? Could we automate some parts of the process with enhanced system reliance or with a new system?
Are we able to measure achievement of strategic objectives and goals?
Are we collecting proprietary or sensitive information? If so, is it stored in a secure manner?
It’s important to remember that ERM is not just a mechanism to collect risks in one place, but rather a highly valuable tool to view, assess and address risks across your entire institution. When managed properly, ERM should provide benefits like improved decision-making capabilities, more effective strategic and operational planning, greater stakeholder confidence and enhanced organizational resilience.
You’ve heard our thoughts… We’d like to hear yours
The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at [email protected].
Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.